[Cryptech Tech] RSA-CRT fault based key leakage

Rob Austein sra at hactrn.net
Fri Sep 4 19:16:15 UTC 2015


I've seen this general recommendation (always verify the signature
you just generated) in a couple of places, for both RSA and ECDSA.
For RSA this is a relatively cheap operation; for ECDSA it probably
costs at least as much as generating the signature.


More information about the Tech mailing list