From b0c342b5e933b180e23c17f6a3b82de3ba500f19 Mon Sep 17 00:00:00 2001 From: Laurence Tennant Date: Sun, 18 Aug 2019 03:01:15 -0700 Subject: [PATCH] Fix inline mathjax not rendering Tested locally. Great article btw --- _posts/2019-01-17-cat.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/_posts/2019-01-17-cat.md b/_posts/2019-01-17-cat.md index 039078b..86ca738 100644 --- a/_posts/2019-01-17-cat.md +++ b/_posts/2019-01-17-cat.md @@ -79,11 +79,11 @@ for RSA , most will re-use their certificates instead of updating to the more recent RSA-PSS. RSA digital signatures specified per the standard are really close to the RSA encryption algorithm specified by the same document, so close that Bleichenbacher’s decryption attack on RSA -encryption also works to forge RSA signatures. Intuitivelly, we have -$pms^e$ and the decryption attack allows us to find $(pms^e)^d = pms$, +encryption also works to forge RSA signatures. Intuitively, we have +\(pms^e) and the decryption attack allows us to find $$(pms^e)^d = pms$$, for forging signatures we can pretend that the content to be signed -$tbs$ ([see RFC 8446](https://tools.ietf.org/html/rfc8446#section-4.4.3)) is $tbs = pms^e$ and obtain $tbs^d$ via the attack, which is -by definition the signature over the message $tbs$. However, this +$$tbs$$ ([see RFC 8446](https://tools.ietf.org/html/rfc8446#section-4.4.3)) is $$tbs = pms^e$$ and obtain $$tbs^d$$ via the attack, which is +by definition the signature over the message $$tbs$$. However, this signature forgery requires an additional step (blinding) in the conventional Bleichenbacher attack (in practice this can lead to hundreds of thousands of additional messages).
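Review bot: In the first changed math expression of the hunk, `\(pms^e)` opens with `\(` but closes with a bare `)`, so the delimiter is unbalanced and does not match the `$$...$$` form used for every other expression in this change. Suggest writing it as `$$pms^e$$`, consistent with `$$(pms^e)^d = pms$$` later on the same line, and re-checking that sentence in the local render, since it is the only one of the six converted expressions that uses a different delimiter.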