[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cypherpunk Certification Authority

To: Bill Stewart <[email protected]>
Subject: Re: Cypherpunk Certification Authority
From: James Black <[email protected]>
Date: Mon, 27 Nov 1995 20:22:13 -0500 (EST)
Cc: [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

Hello,

On Mon, 27 Nov 1995, Bill Stewart wrote:

> Signatures often have known, or easily guessed, plaintext in them,
> like the signer's name or ID number, or various header fields
> such as X.509's equivalent to ----- BEGIN PGP ....

  If the signature is padded with random junk on the end, then it makes 
it harder to do a known text attack.  There was a message a few days ago 
by Anderson and someone else (in England) that dealt with weaknesses in 
some encryption protocols.  It was good to read.

> DES isn't worthless.  It's a bit weak, but not worthless.

  Even though he didn't have proof Bruce Schneier stated in "Applied 
Cryptography 2nd Ed" that the NSA might have a machine that can crack DES 
in 15 mins, and maybe as low as 3-5, as one was built and sold.  The book 
can explain it more, as I am doing this from memory.
  Take care and have fun.

==========================================================================
James Black (Comp Sci/Comp Eng sophomore)
e-mail: [email protected]
http://www.eng.usf.edu/~black/index.html
**************************************************************************

References:
- Re: Cypherpunk Certification Authority
  - From: Bill Stewart <[email protected]>

Prev by Date: Directed Hamiltonian Path Problem
Next by Date: Mixmaster Remailer FAQ
Prev by thread: Re: Cypherpunk Certification Authority
Next by thread: Re: Cypherpunk Certification Authority
Index(es):
- Date
- Thread