---------- From: <Ben.Goren@asu.edu> To: Matt Thomlinson Subject: Re: How do I know if its encrypted? Date: Friday, January 13, 1995 12:27PM At 9:35 AM 1/13/95, Matt Thomlinson wrote:

make "handful of plaintext" - > "hash of the plaintext" and you've got yourself a decent system. :)

(this way, alice can keep a hash of the plaintext, hash of the ciphertext, and a key around for recovery, without keeping ANY plaintext. Also, for someone to request the data, knowing part of the message won't work; now they've got to know the entire message to recreate the hash.

That would be a little more secure, but I'm thinking that the "handful of plaintext" would be a random number of some kind that the user prepends to the file before encrypting. This is kinder on the data haven's CPU; compare even 3DES of, say, 256 bits to IDEA of a few megabytes followed by MD5 of same. Plus, it offers the operater even more deniability: he doesn't even look at the whole file, but just enough to be sure that it's what it's supposed to be. Presumably, the data haven will specify how much a handful is, and offer a client program that generates all this automatically.

matt

You sent this to me privately, so that's how I'm replying. If you don't mind, though, please forward this on to the list. b& -- Ben.Goren@asu.edu, Arizona State University School of Music Finger ben@tux.music.asu.edu for PGP public key ID 0xCFF23BD5.