[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thoughts on 15 day CJ crypto




In article <[email protected]>, you write:
|> So it's possible the RSA requirement is in there to provide an
|> assurance that the right key was selected.

Isn't it common practice to pad out a plaintext block with random
garbage to the size of the modulus before you RSA-encrypt it? E.g., if
you have an 8-byte DES key and you want to encrypt it with an RSA
public key having a 512-bit modulus, you'd stick 56 bytes of random
stuff in front of the DES key before you do the exponentiation.  When
you decrypt with the secret key, you simply throw away the random
padding.

At least RSAREF does this.

Wouldn't this thwart the kind of attack you describe?

Phil