Cypherpunk Certification Authority
Bill Stewart
stewarts at ix.netcom.com
Mon Nov 27 12:14:42 PST 1995
At 11:20 AM 11/25/95 -0800, you wrote:
>At 01:53 AM 11/26/95 -0800, anonymous-remailer at shell.portal.com wrote:
>>You'd rather sign before encryption??
>>Doesn't that give you "known plain-text" to attack?
>
>The signature is not known unless the whole message being signed is
>known.
Signatures often have known, or easily guessed, plaintext in them,
like the signer's name or ID number, or various header fields
such as X.509's equivalent to ----- BEGIN PGP ....
>And any encryption scheme that is vulnerable to known plaintext attack
>where only a part of the message is known, is worthless anyway.
DES isn't worthless. It's a bit weak, but not worthless.
#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
More information about the cypherpunks-legacy
mailing list