Fault attacks on RSA in libgcrypt
Werner Koch
wk at gnupg.org
Wed Aug 24 15:25:36 CEST 2016
On Mon, 22 Aug 2016 19:42, burdges at gnunet.org said:
> I implemented the protection against fault attacks recommended in
> "Making RSA-PSS Provably Secure Against Non-Random Faults" by Gilles
> Barthe, François Dupressoir, Pierre-Alain Fouque, Benjamin Grégoire,
I do not have the time to read that paper right now. We recently had a
similar thing with gpgv and dpkg and it was not clear whether we can do
anything about it anyway.
Wouldn't a signature verification after creation catch that fault?
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
/* Join us at OpenPGP.conf <https://openpgp-conf.org> */
More information about the Gcrypt-devel
mailing list