Re: Cypherpunk Certification Authority
On Sat, 25 Nov 1995, Adam Shostack wrote:
Does X.509 version 3 fix the problem that Ross Anderson points out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z)
Its an excellent paper, well worth reading, but the basic problem is that X.509 encrypts before signing.
You'd rather sign before encryption?? Doesn't that give you "known plain-text" to attack? i.e. the signature. I'm not sure whether it would or wouldn't, but I'm sure some cryptographers here might clear that up mighty quick -- before any more harm is allowed, I mean.
Adam
-- "It is seldom that liberty of any kind is lost all at once." -Hume
Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E.
Hello, On Sun, 26 Nov 1995 anonymous-remailer@shell.portal.com wrote:
Its an excellent paper, well worth reading, but the basic problem is that X.509 encrypts before signing.
You'd rather sign before encryption??
Doesn't that give you "known plain-text" to attack? i.e. the signature.
I'm not sure whether it would or wouldn't, but I'm sure some cryptographers here might clear that up mighty quick -- before any more harm is allowed, I mean.
The paper suggested that you have two different keys, one for encryption and the other for signatures, and you don't mix the two up, so that way you are protecting yourself from someone forging your signature, but you are not letting them know what your private key is. Make sense? I would suggest that you read the paper, as it is really an excellent document. ========================================================================== James Black (Comp Sci/Comp Eng sophomore) e-mail: black@eng.usf.edu http://www.eng.usf.edu/~black/index.html **************************************************************************
participants (2)
-
anonymous-remailerï¼ shell.portal.com -
James Black