Default PKCS#1 v1.5 padding leaks information

spikex / strongbox

Secures ActiveRecord attributes with public key encryption

http://stuff-things.net/2009/04/17/introducing-strongbox/

MIT License

398 stars 42 forks source link

Default PKCS#1 v1.5 padding leaks information #38

Open tarcieri opened 11 years ago

tarcieri commented 11 years ago

PKCS#1 v1.5 is vulnerable to adaptive chosen ciphertext attacks. The default padding should likely be changed to OAEP. "No padding" should not be an option.