[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cypherpunk Certification Authority

To: [email protected] (Adam Shostack)
Subject: Re: Cypherpunk Certification Authority
From: [email protected] (Mark Chen)
Date: Sat, 25 Nov 1995 18:27:29 -0800 (PST)
Cc: [email protected] (cypherpunks)
In-Reply-To: <[email protected]> from "Adam Shostack" at Nov 25, 95 04:05:28 pm
Sender: [email protected]


> | C) Don't settle for less than X.509 ver 3, because this allows the 
> | certificate to carry within it a reference to the location of the CRL 
> | list.  Use that feature.
> 
> 	Does X.509 version 3 fix the problem that Ross Anderson points
> out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or
> ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z)

I don't believe that it does.

For those who missed it, the problem is that the encryptor in an
encrypt-before-signing protocol is able to use his knowledge of the
factorization of the encryption modulus to compute a discrete log, and
forge another message for which the signature is also valid (after
registering the new exponent).

   - Mark -



--
Mark Chen 
[email protected]
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D

References:
- Re: Cypherpunk Certification Authority
  - From: Adam Shostack <[email protected]>

Prev by Date: Re: crypto for porno users
Next by Date: No Subject
Prev by thread: Re: Cypherpunk Certification Authority
Next by thread: Re: Cypherpunk Certification Authority
Index(es):
- Date
- Thread