|
|
|
|
|
|
by rainsford
723 days ago
|
|
|
Sure, there are lots of ways to avoid that particular risk. But the point (and the point of the article as I understand it) is that the need to do so is not necessarily an intuitive property of signature algorithms. As the opening paragraph of the article points out, there is a lot of interesting vulnerability space surrounding reasonable properties of cryptographic algorithms that reasonable people might incorrectly assume they do or do not have. This is not necessarily a critique of any particular algorithm, but a reminder that designing secure cryptographic protocols is fiendishly difficult and that all else being equal, designers and users should probably prefer algorithms and protocols designed to limit surprising properties or catastrophic failure modes. |
|
|