[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Mr. Squirrel? Just who is who here?
Hugh asks how, in a broadcast network, we may verify identity. The
answer is "statistically." Not everyone needs to verify each message;
only those who communicate with the sender personally (and who thus
know the private keys) need to.
Hugh mentions the "one-on-one signed signature method" and that it is
not applicable to broadcast. Well, signing the whole message is not,
but signing a message digest is. This is the whole reason for message
digests, that a message may go out in cleartext, but the validating
information for that message be encrypted. Thus everyone can read the
message, even without knowledge of the public key, but it is possible
to verify the identity if you know it, i.e. you know the private key.