
Hello "Peter Trei" <trei@process.com>
  and <perry@piermont.com>, cypherpunks@toad.com, trei@process.com

P.T. writes:
"Peter Trei" writes:
...
If they're nasty, they'll check on the receiving side as well, to
...
Nearly impossible. Why? Because they can only include the public key,
...
1 Alice generates session key K
2 encrypts with Bob's public key, producing Epb(K)
3 extracts 24 bits of K to make K'
4 encrypts with Eve's (spy) public key, producing Epe(K')
...

Eeek! That gives 2^24 possible plaintext/ciphertext pairs. Trivial to brute.

3 should be: extracts 24 bits of K and concatenates it with H(K) to make K'
where H is a strong one-way hash.

Hope that makes sense...

Jiri
--
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)
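
Added example (not part of the original message): a small Python model of step 3 as quoted and as corrected, showing why a bare 24-bit K' under a deterministic public-key encryption can be matched by anyone holding Eve's public key, while K' = bits || H(K) cannot. Assumptions: unpadded textbook RSA stands in for Epe(), the modulus is a constructed toy value, the "24 bits" are taken as the low bits of K, H is SHA-256, and the demo runs at 16 bits so it finishes quickly.

```python
import hashlib

# Constructed toy public key for "Eve": product of two Mersenne primes, e = 65537.
# Unpadded, deterministic textbook RSA stands in for Epe(); this is an assumption.
N = (2**521 - 1) * (2**607 - 1)
E = 65537

def epe(m: int) -> int:
    """Deterministic encryption under Eve's public key."""
    if not 0 <= m < N:
        raise ValueError("message out of range for modulus")
    return pow(m, E, N)

def low_bits(key: bytes, bits: int) -> int:
    """Assumed extraction rule: the low `bits` bits of K."""
    return int.from_bytes(key, "big") & ((1 << bits) - 1)

def escrow_naive(key: bytes, bits: int = 24) -> int:
    """Step 3 as quoted: K' is just `bits` bits of K."""
    return epe(low_bits(key, bits))

def escrow_hashed(key: bytes, bits: int = 24) -> int:
    """Step 3 as corrected: K' = bits-of-K || H(K), with H = SHA-256 here."""
    digest = int.from_bytes(hashlib.sha256(key).digest(), "big")
    return epe((low_bits(key, bits) << 256) | digest)

def match_by_enumeration(ciphertext: int, bits: int):
    """Encrypt every `bits`-bit value under the public key and compare.
    Returns the matching value, or None if no short plaintext matches."""
    for candidate in range(1 << bits):
        if epe(candidate) == ciphertext:
            return candidate
    return None

if __name__ == "__main__":
    K = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed session key
    BITS = 16  # reduced from the message's 24 so the demo finishes quickly
    print("naive K'  matched:", match_by_enumeration(escrow_naive(K, BITS), BITS))
    print("hashed K' matched:", match_by_enumeration(escrow_hashed(K, BITS), BITS))
```

At the message's 24 bits the same loop is 256 times longer; with H(K) appended, reproducing K' requires the whole of K rather than one of 2^24 values.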