[cryptography] Questions about crypto in Oracle TDE

Adam Back adam at cypherspace.org
Fri Nov 9 03:03:17 EST 2012


On Thu, Nov 08, 2012 at 03:22:24PM -0800, Morlock Elloi wrote:
> However, if you use asymmetric crypto (say, 1024 or 2048-bit RSA), give
> only public key(s) to encrypting flows, and reserve the secret key(s) for
> modules that need the actual plaintext access (a rare situation in
> practice), then:

Do you do any padding?  If not you might be vulnerable to multiplication
because:

RSA(a)*RSA(b) == RSA(a*b)

and if you are doing padding (eg with random inputs if any seeded by the
plaintext and a fixed secrete seed), then you need rigorously verify the
padding on decrypt or the padding may not defend against multiplication.

Adam



More information about the cryptography mailing list