CHALLENGE response (fwd)
Subject: CHALLENGE response (fwd)
> The whole point of the CHALLENGE response went straight over his head, didn't it?
It didn't go over my head at all. What amazes me is that it took you this long to figure out that one could munge signatures.
> We have here the first known case where a key was constructed ex post facto to validate a signed message, in response to Adam Back's challenge.
Um, I don't believe that is true. It may be the first time members of this list have managed it.
> No longer can you assume that just because you posted a signed message on a certain date, and you hold the public key which signed that message, that you can later prove authorship. It challenges some of the implicit assumptions which have been made in using public key cryptography.
No, it challenges basic assumptions regarding the importance of identity. In no way does it affect the basic math of crypto, public or otherwise. And people wonder why I don't sign my messages...
> And all Jim Choate can do is take issue with a snippet of Toto's ravings which were included purely to illustrate the signature validity. He is completely unaware of what is really happening.
I've taken no issue with Toto or his ravings.
Have a nice day.
____________________________________________________________________
The seeker is a finder.
Ancient Persian Proverb
The Armadillo Group
James Choate
Austin, Tx
ravage@ssz.com
www.ssz.com
512-451-7087
--------------------------------------------------------------------
Jim Choate writes:
Anonymous writes:
> > Subject: CHALLENGE response (fwd)
> > The whole point of the CHALLENGE response went straight over his head, didn't it?
> It didn't go over my head at all. What amazes me is that it took you this long to figure out that one could munge signatures.
Munge signatures!? He generated an RSA key pair to match the pre-published signature based on generating primes of special form and/or using multiple smaller primes to construct an n which he could perform discrete logs in (plus a dead beef attack), and all you can say is the above. You should take your hat off to anonymous.
> > No longer can you assume that just because you posted a signed message on a certain date, and you hold the public key which signed that message, that you can later prove authorship. It challenges some of the implicit assumptions which have been made in using public key cryptography.
> No, it challenges basic assumptions regarding the importance of identity. In no way does it affect the basic math of crypto, public or otherwise.
It affects crypto: it means that one published signature is not sufficient to provide a provable relationship between a signed message and a public key. You have to provide two signatures. For example, anonymous provided three signatures which check with that key (one is a self sig on the key). Therefore it is not possible for someone to do the same attack again against his published signatures: they could match any one of the signatures, but no more. It may even be that there exist crypto protocols affected by this.
Adam
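Adam's point that one published signature does not pin down the key while several do, shown at toy scale as an added example that is not part of the original thread. The key (3233, 17), the three signed pairs, the alternate modulus 3877 and all function names are constructed for illustration; textbook RSA with no hashing or padding is assumed.

```python
# Added illustration with constructed toy values; textbook RSA, no padding or hashing.

def verify(key, msg_rep, sig):
    """Textbook RSA check: accept when sig^e mod n equals the message representative."""
    n, e = key
    return 0 < sig < n and msg_rep < n and pow(sig, e, n) == msg_rep


def smallest_matching_exponent(msg_rep, sig, n):
    """Exhaustive search for the smallest e with sig^e == msg_rep (mod n).

    Feasible only because n is tiny: this is the discrete-log step the thread
    mentions, done by brute force at toy scale.
    """
    acc = 1
    for e in range(1, n + 1):
        acc = (acc * sig) % n
        if acc == msg_rep:
            return e
    return None


def keys_consistent_with(pairs, candidate_keys):
    """Return the candidate keys under which every (msg_rep, sig) pair verifies."""
    return [k for k in candidate_keys if all(verify(k, m, s) for m, s in pairs)]


# Signer's toy key (n = 61 * 53, e = 17) and three constructed signed pairs,
# each given as (message representative, signature).
ORIG_KEY = (3233, 17)
SIGNED = [(1752, 2), (1211, 3), (2790, 65)]

# A second "key" fitted after the fact to the first pair only. The toy modulus
# 3877 is a prime, so it is not a usable RSA key, but a verifier that only
# computes sig^e mod n cannot tell.
ALT_N = 3877
ALT_KEY = (ALT_N, smallest_matching_exponent(*SIGNED[0], ALT_N))

if __name__ == "__main__":
    both = [ORIG_KEY, ALT_KEY]
    print("alternate key:        ", ALT_KEY)
    print("keys fitting 1 pair:  ", keys_consistent_with(SIGNED[:1], both))
    print("keys fitting 3 pairs: ", keys_consistent_with(SIGNED, both))
```

With one published pair both keys pass verification; with all three, only the signer's key remains.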
Participants (2): Adam Back, Jim Choate