[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: rsa public keys
-----BEGIN PGP SIGNED MESSAGE-----
At 12:14 PM 8/5/97 +0300, Markku-Juhani Saarinen wrote:
>On Mon, 4 Aug 1997, Carl Ellison wrote:
>
>> If all you care about, in your definition of "principal", is
>> "the person who knows the secret", then just the modulus is enough to
>> identify that person.
>
>I don't think that a modulus alone can securely speak for its owner.
>Eve could associate e=1, e=0, e=2, e=-1 or some other cooked exponent with
>a modulus.
This is the same argument for noting the hash name as part of the algorithm
name.
>The level of security would decrease as we could not be sure what
>input formatting was used. It really doesn't matter if we can't be sure
>what hash function was used, because the chance of sha1 <-> md5
>collisions ( i.e. having x and y so that md5(x) = sha1(y) ) is minimal.
Exactly my thinking, when Burt set me straight. That's like forgetting your
trivial e examples and assuming the choice is between e=3 and e=65537. Eve can
invent a stupid hash function.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBM+cv2VQXJENzYr45AQF42wP+JJA+1HuSt9/cNnlRMX9NsC8zIjCwHYds
iMadZyDwhqPdhDZtEO7OyPyJBQF74mXBnLvNAJUfc4zwSBrT8GRs4r3A1i0z4fjm
WhWMLAzFAvTmXRfD3F0wQ1etxVSk/7nSjEB5g36vjIhuVwDclTwI29bCSbG9Q0tS
HbSF2yTo7J0=
=cov3
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
Follow-Ups:
References: