Joerg wrote:
>
>>Why not? So far just about anything has been hacked.
>
>Last i heard RSA had not been hacked yet.
Some commonly used implementations using RSA it have been shown to have weaknesses.
| | From [
formatting link
]: | | OpenSSL Security Advisory [5th September 2006] | | RSA Signature Forgery (CVE-2006-4339) | ===================================== | | Vulnerability | ------------- | | Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 | signatures. If an RSA key with exponent 3 is used it may be possible | to forge a PKCS #1 v1.5 signature signed by that key. Implementations | may incorrectly verify the certificate if they are not checking for | excess data in the RSA exponentiation result of the signature. | | Since there are CAs using exponent 3 in wide use, and PKCS #1 v1.5 is | used in X.509 certificates, all software that uses OpenSSL to verify | X.509 certificates is potentially vulnerable, as well as any other use | of PKCS #1 v1.5. This includes software that uses OpenSSL for SSL or | TLS. | | OpenSSL versions up to 0.9.7j and 0.9.8b are affected. | | The Common Vulnerabilities and Exposures project (cve.mitre.org) has | assigned the name CAN-2006-4339 to this issue. |
Also see:
Many RSA Signatures May Be Forgeable In OpenSSL and Elsewhere
formatting link
RSA Signature Forgery Explained (with Nate Lawson)
formatting link
formatting link
formatting link
formatting link
formatting link
formatting link
formatting link
formatting link
Bleichenbacher's RSA signature forgery based on implementation error
formatting link
Mozilla Foundation Security Advisory 2006-60: RSA Signature Forgery
formatting link
Mozilla Foundation Security Advisory 2006-66: RSA Signature Forgery (variant)
formatting link
Mozilla Falls To RSA Forgery Attack
formatting link
A forged SSL server certificate can be accepted by Opera as a valid certificate
formatting link
GNUTLS PKCS RSA Signature Forgery Vulnerability
formatting link
Widespread Diffie-Hellman Implementation Weakness: Conspiracy or Ignorance?
formatting link
Fun with Exponents: Certificate Forgery
formatting link
[gnutls-dev] Original analysis of signature forgery problem
formatting link
The Pwnie Awards
formatting link