-----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- One of the possible weaknesses in public-key messages is their dependence upon a particular symetric cypher for the message with the session key being contained in the block encrypted by the antisymetric cypher. IE, if a weakness in IDEA is discovered, it can be exploited against all PGP messages. I'm wondering: would the strength be increased by using a randomly selected symetric cypher? IE, as PGP uses IDEA and RIPEM uses DES/3DES, what if a random cypher were selected from a set of cryptographically strong symetric cyphers and information about the cypher selected were encrypted in the RSA-encrypted block? I guess this reduces to: do strong cyphers have "signatures" of some sort, by which the type of encryption can be derived? And if so, can this "signature" be reduced by including part (eg, the first and last bytes) of the ciphertext in the RSA block rather than the "clear" cyphertext block? Just a thought, - - -- Todd Masco | "life without caution/ the only worth living / love for a man/ cactus@hks.net | love for a woman/ love for the facts/ protectless" - A Rich Cactus' Homepage - -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLxQorxNhgovrPB7dAQF+HgP/b6RVkLS0vyjpVoHy1iF8IDgH1VFwci03 ZpD4tvQ+amZ3OLfMPNvM3jV3br6+/xVKax07yP0r26jbqV3T0RCNMzKLrQjnoyep /h+DBNfboeU4BkhhJFIayLp0w+ykJRvzWoa72l4Uzos66Nu9n/spXwBbrGYD3awe dUUr4YzLnhU= =xON2 - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLxRjjSoZzwIn1bdtAQEt2gF/bnrL7r8CycdWz5H80DLpEFGRvDFy7zfF OQQjnGTDmdSv+d3lQOfnqP7mKJJbyqo4 =QXEU -----END PGP SIGNATURE-----