Hello, On Mon, 27 Nov 1995, Bill Stewart wrote:
Signatures often have known, or easily guessed, plaintext in them, like the signer's name or ID number, or various header fields such as X.509's equivalent to ----- BEGIN PGP ....
If the signature is padded with random junk on the end, then it makes it harder to do a known text attack. There was a message a few days ago by Anderson and someone else (in England) that dealt with weaknesses in some encryption protocols. It was good to read.
DES isn't worthless. It's a bit weak, but not worthless.
Even though he didn't have proof Bruce Schneier stated in "Applied Cryptography 2nd Ed" that the NSA might have a machine that can crack DES in 15 mins, and maybe as low as 3-5, as one was built and sold. The book can explain it more, as I am doing this from memory. Take care and have fun. ========================================================================== James Black (Comp Sci/Comp Eng sophomore) e-mail: black@eng.usf.edu http://www.eng.usf.edu/~black/index.html **************************************************************************