Actions
Task #4006
closedOAEP with SHA256
Status:
Abandoned
Priority:
Normal
Assignee:
-
Start date:
03/22/2017
Due date:
% Done:
0%
Estimated time:
Description
AlgorithmRsaOaep uses RSAES_OAEP_SHA_Decryptor which is OAEP padding with SHA1.
https://github.com/named-data/ndn-group-encrypt/blob/master/src/algo/rsa.cpp#L89
Recently, compromising attacks have been found for SHA1. Alex Halderman says we should change to OAEP padding with SHA256. Currently, the code uses the cryptopp definition:
typedef RSAES<OAEP<SHA> >::Decryptor RSAES_OAEP_SHA_Decryptor;
I don't see a typedef for SHA256, but I think it would be possible to define AlgorithmRsaOaepWithSha256 which uses:
RSAES<OAEP<SHA256> >
Actions