search for: rsa_blinding_on

After browsing "Remote timing attacks are practical" (Boneh & Brumley, <http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html>), I wonder if it might be a good idea to add calls to RSA_blinding_on() before the OpenSSL RSA decryption routines are invoked. The issue is not a LAN-only issue, BTW. Packet delay variation is usually higher in LANs than in WANs. -- Florian Weimer Weimer at CERT.Uni-Stuttgart.DE University of Stuttgart http://CERT.Uni-Stuttgart.DE/pe...

OpenSSH Developers, I'm researching whether or not OpenSSH is a viable commercial alternative to F-SECURE SSH or SSH.COM's ssh, but I'm not getting the kind of results that I expected from a "Non patent encumbered ssh client". When I attempt to build OpenSSH against an OpenSSL build without rc5, idea, or rsa it bombs since OpenSSL doesn't place the header files in the

...attacker to perform a single RSA private key operation on a ciphertext of its choice using the server's RSA key. Note that the server's RSA key is not compromised in this attack. IV. Workaround RSA timing attack: Disable the use of RSA or enable RSA blinding in OpenSSL using the RSA_blinding_on() function. The method of adjusting the list of acceptable ciphersuites varies from application to application. See the application's documentation for details. Klima-Pokorny-Rosa attack: Disable the use of ciphersuites which use PKCS #1 v1.5 padding in SSL or TLS. The method of adj...

...prv = key_new(KEY_UNSPEC); > prv->rsa = EVP_PKEY_get1_RSA(pk); > prv->type = KEY_RSA; > name = "rsa w/o comment"; > #ifdef DEBUG_PK > RSA_print_fp(stderr, prv->rsa, 8); > #endif > if (RSA_blinding_on(prv->rsa, NULL) != 1) { > ERR_print_errors_fp(stderr); > error("key_load_eng_prv: RSA_blinding failed"); > key_free(prv); > prv = NULL; > } > } else { > error(&quo...