[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cypherpunk Certification Authority
> | C) Don't settle for less than X.509 ver 3, because this allows the
> | certificate to carry within it a reference to the location of the CRL
> | list. Use that feature.
> Does X.509 version 3 fix the problem that Ross Anderson points
> out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or
I don't believe that it does.
For those who missed it, the problem is that the encryptor in an
encrypt-before-signing protocol is able to use his knowledge of the
factorization of the encryption modulus to compute a discrete log, and
forge another message for which the signature is also valid (after
registering the new exponent).
- Mark -
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D