[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: RSA Signature Padding
Peter,
You may be right about the implementers.
There is benefit to PSS over 1.5. The paper points that out.
> -----Original Message-----
> From: pgut001 [mailto:pgut001@xxxxxxxxxxxxxxxxx]
> Sent: Thursday, June 11, 2009 6:37 AM
> To: Santosh Chokhani; simon@xxxxxxxxxxxxx
> Cc: ietf-pkix@xxxxxxx; tgindin@xxxxxxxxxx
> Subject: Re: RSA Signature Padding
>
> Simon Josefsson <simon@xxxxxxxxxxxxx> writes:
> >"Santosh Chokhani" <SChokhani@xxxxxxxxxxxx> writes:
> >> I am asking because of the paper in the link below.
> >>
> >> http://eprint.iacr.org/2009/203
> >
> >Interesting. What does that mean for PKCS#1 v1.5?
>
> Nothing whatsoever.
>
> Rob Stradling <rob.stradling@xxxxxxxxxx> writes:
>
> >Should implementors wait until support for RSA-PSS is sufficiently
> >widespread for their needs before migrating from
> PKCS#1.5/SHA-1 to PKCS#2.1/SHA-2?
>
> Yes. I'd recommend waiting until January 2038, on the basis
> that (a) there may be support for it in implementations by
> then and (b) people will be so busy fixing another problem
> that'll crop up around then that they won't notice this
> particular change.
>
> Peter.
>