[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Taler] Fault attacks on RSA in libgcrypt
|
From: |
Christian Grothoff |
|
Subject: |
Re: [Taler] Fault attacks on RSA in libgcrypt |
|
Date: |
Tue, 23 Aug 2016 09:54:50 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.6.0 |
Unlike a signature, the result of a decryption operation is typically
then NOT send over the network, so even if the decrypted value leaks
bits about the private key, that's not so bad as most likely it'll cause
a failure locally next, causing the result to be discarded.
On 08/23/2016 07:54 AM, Stephan Mueller wrote:
> May I ask why that patch is limited to rsa_sign? Shouldn't the decrypt part
> also be covered with a similar logic considering that it also operates with
> the private key?
0xE29FC3CC.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature