[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cypherpunk Certification Authority

To: [email protected]
Subject: Re: Cypherpunk Certification Authority
From: Bill Stewart <[email protected]>
Date: Mon, 27 Nov 1995 11:53:22 -0800
Sender: [email protected]

At 11:20 AM 11/25/95 -0800, you wrote:
>At 01:53 AM 11/26/95 -0800, [email protected] wrote:
>>You'd rather sign before encryption??
>>Doesn't that give you "known plain-text" to attack?
>
>The signature is not known unless the whole message being signed is
>known.

Signatures often have known, or easily guessed, plaintext in them,
like the signer's name or ID number, or various header fields
such as X.509's equivalent to ----- BEGIN PGP ....

>And any encryption scheme that is vulnerable to known plaintext attack
>where only a part of the message is known, is worthless anyway.

DES isn't worthless.  It's a bit weak, but not worthless.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, [email protected]
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

Follow-Ups:
- Re: Cypherpunk Certification Authority
  - From: James Black <[email protected]>

Prev by Date: Re: GOST for sale
Next by Date: Re: [NOISE] Chi Sun Times SS# Sweepstakes
Prev by thread: Re: Cypherpunk Certification Authority
Next by thread: Re: Cypherpunk Certification Authority
Index(es):
- Date
- Thread