IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Interop lsh and SSH-2.0-GitLab-SSHD
Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:
>We want e to be large enough to make the low encryption exponent attack
>hopeless right out of the gate
You're using PKCS #1 padding which was designed to make the low encryption
exponent attack hopeless right out of the gate from day one - if this was an
issue, every CA on the planet that uses F4 as an exponent, and even more so
PGP which traditionally used 17 or 257, would have been compromised years ago.
You're not gaining anything by doing this apart from (a) wasting a ton of CPU
cycles [*] and (b) risking non-interoperability with other implementations
that enforce sanity-checks on public-key values.
Peter.
[*] This may be why your SSH handshake is so surprisingly slow.
Home |
Main Index |
Thread Index |
Old Index