[cryptography] Error in PKCS #1 v2.1?

David-Sarah Hopwood david-sarah at jacaranda.org
Thu Feb 17 15:17:30 EST 2011


On 2011-02-17 12:08, Paul Crowley wrote:
> http://www.rsa.com/rsalabs/node.asp?id=2125
> 
> Page 27 of PKCS #1 v2.1 states (step 1):
> 
> "EMSA-PSS encoding: Apply the EMSA-PSS encoding operation (Section 9.1.1) to
> the message M to produce an encoded message EM of length ceil((modBits – 1)/8)
> octets such that the bit length of the integer OS2IP (EM) (see Section 4.2) is
> at most modBits – 1, where modBits is the length in bits of the RSA modulus n"
> 
> Surely where it says ceil((modBits – 1)/8) it has to mean floor((modBits –
> 1)/8)?

No. The octet length may be longer than 8 times the bit length, but never
shorter. It is only the bit length that actually matters.

-- 
David-Sarah Hopwood  ⚥  http://davidsarah.livejournal.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20110217/154a0f59/attachment.asc>


More information about the cryptography mailing list