[e-gold-list] Re: AxiomaticTokenizer - Increased payment security
with one time tokens
Pete Chown
1 at 234.cx
Sun Nov 4 10:19:36 MST 2007
George Hara wrote:
> I have found a JavaScript implementation of RSA which gives a decent
> encryption speed: 250 ms for a 2048 bits key. This can actually be used
> to encrypt all tokens, but then they would have a very large size -
> about 700 chars (with separators).
Are you intending to use a padding scheme (OAEP or similar)? Suppose you
don't and you use an exponent of 3. Ignoring the modulus step, this will
approximately triple the number of binary digits in your input. If your
input is much shorter than the key, then the cube of the input will also
be shorter than the key, and taking the modulus won't do anything. All
an attacker then has to do is take the ordinary cube root, and the
plaintext pops out...
Pete
---
You are currently subscribed to e-gold-list as: e-gold-list at kobly.com
To unsubscribe send a blank email to leave-e-gold-list-512001C at talk.e-gold.com
Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
More information about the E-gold-list
mailing list