13 Oct
1992
13 Oct
'92
4:03 p.m.
Hugh asks how, in a broadcast network, we may verify identity. The answer is "statistically." Not everyone needs to verify each message; only those who communicate with the sender personally (and who thus know the private keys) need to. Hugh mentions the "one-on-one signed signature method" and that it is not applicable to broadcast. Well, signing the whole message is not, but signing a message digest is. This is the whole reason for message digests, that a message may go out in cleartext, but the validating information for that message be encrypted. Thus everyone can read the message, even without knowledge of the public key, but it is possible to verify the identity if you know it, i.e. you know the private key. Eric