8 Sep
2004
8 Sep
'04
3:40 p.m.
From: "\"Hal Finney\"" <hal@finney.org> Sent: Sep 8, 2004 2:48 PM To: cypherpunks@al-qaeda.net Subject: Seth Schoen's Hard to Verify Signatures
The method Seth describes is to include a random value in the signature but not to include it in the message. He shows a sample signature with 3 decimal digits hidden. The only way to verify it is to try all possibilities for the random values. By controlling how much data is hidden in this way, the signer can control how long it will take to verify the signature.
I've seen this described in a paper by Abadi, Lomas & Needham as an alternative to a high iteration count for password hashing.
Hal Finney
--John Kelsey