Log in

Thu, May. 19th, 2011, 09:25 pm

RSA in particular has vicious attacks when you do authentication checks the wrong way, but that's really an argument in favor of doing authentication properly rather than changing the order, particularly because checking that high order byte is something a naive implementer might do anyway.

That more complicated stuff you mention really shouldn't be done by people who don't already know these issues well, and my advice is for people who don't really know what they're doing by are trying to do something simple (which still might not be a good idea, but they're better off with good advice than without).

No HTML allowed in subject


Notice! This user has turned on the option that logs IP addresses of anonymous posters. 

(will be screened)