author: Jack Lloyd <[email protected]> 2015-08-21 19:34:10 -0400
committer: Jack Lloyd <[email protected]> 2015-08-21 19:34:10 -0400
commit: 9aa2b72c0cc8792b736fcd8016f5dec901f1ecdd
tree: 5fb2c10ab249068ab498a442a986998d8690f23e /botan_version.py
parent: ca155a7e54ec39e60f9dd6c53567ebf283b3e8d0

In RSA, check that the input is less than the modulus n before blinding rather than after. After blinding the value is always reduced mod n so the condition is never met. This may be the cause of RSA test failures described in GH #174.

The scenario was that during randomized corruption tests we occasionally provide an input which was greater than the modulus. When that happened the value was effectively reduced mod n, so the self-check would later fail, because the decrypted result (reduced mod n) would be compared with the original (larger than n) input.

Diffstat (limited to 'botan_version.py')
0 files changed, 0 insertions, 0 deletions
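
The behaviour described in the commit message, reproduced as an added Python example (not Botan's code, and not part of the original commit). It assumes a constructed toy key (p = 61, q = 53, e = 17), a fixed blinding factor `r` for repeatability, and hypothetical names `private_op` and `outcome`.

```python
# Added illustration, not Botan code. Toy RSA key (constructed, insecure size).
P, Q, E = 61, 53, 17
N = P * Q                          # modulus n = 3233
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent 2753


class InputTooLarge(ValueError):
    """Caller error: input is not less than the modulus."""


class SelfCheckFailed(RuntimeError):
    """Internal consistency check on the private-key result failed."""


def private_op(m, r, check_before_blinding):
    """RSA private operation with blinding factor r (gcd(r, N) == 1)."""
    if check_before_blinding and m >= N:
        raise InputTooLarge(m)              # placement the commit describes
    blinded = (m * pow(r, E, N)) % N        # blinding reduces mod n
    if not check_before_blinding and blinded >= N:
        raise InputTooLarge(m)              # unreachable: blinded < N always
    unblinded = (pow(blinded, D, N) * pow(r, -1, N)) % N
    # Self-check: the public operation must give back the original input.
    if pow(unblinded, E, N) != m:
        raise SelfCheckFailed(m)
    return unblinded


def outcome(m, check_before_blinding, r=7):
    """Return a label for what happens to input m; r is fixed for repeatability."""
    try:
        private_op(m, r, check_before_blinding)
        return "ok"
    except InputTooLarge:
        return "rejected: input >= n"
    except SelfCheckFailed:
        return "self-check failed"


if __name__ == "__main__":
    for m in (65, N + 65):                  # in-range and oversized inputs
        print(m, "| check after:", outcome(m, False),
              "| check before:", outcome(m, True))
```

With the check placed after blinding, an oversized input surfaces as a self-check failure instead of an input-validation error, which is the symptom the commit message ties to the randomized corruption tests.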