[10063] in cryptography@c2.net mail archive
Anyone familiar with ntru?
daemon@ATHENA.MIT.EDU (John R Levine)
Sun Jan 6 23:55:33 2002
Date: Sun, 6 Jan 2002 22:52:35 -0500 (EST)
From: John R Levine <johnl@iecc.com>
To: cryptography@wasabisystems.com
Message-ID: <Pine.BSI.4.40.0201062240450.19931-100000@tom.iecc.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
I have a note from someone telling me how wonderful NTRU's public key
system is, and how it's gonna make all our wireless communications
wonderfully secure.
So I have two sort of related questions:
a) Are they for real? It's fully published and all that, but my abstract
algebra is pretty rusty. Poking around on the net I found a paper from
France claiming to have cracked their signature algorithm (but not the
underlying crypto scheme.)
b) For applications like toll passes, who cares? In these applications,
the vendor generates the key and sends out the dongle to the user, and the
dongle only validates against the vendor's system. (The Mobil/Exxon
speedpass is another example.) I would think that rather than going to
the computational expense of public keys, it'd be just as secure to send
back a hash of a challenge phrase and the dong;e's key. This means that
the vendor keeps all the secrets, but in this case so what? I can tell
you from experience that the main security problem with speedpass is that
you lose it not high-tech cloning, and I'd think that if a bad guy were
planning to clone the dongles, the nature of the algorithm performed on
the dongle's secret key wouldn't make any difference.
TIA and all that.
Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
Write for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
