[87927] in cryptography@c2.net mail archive


Re: Public key encrypt-then-sign or sign-then-encrypt?

daemon@ATHENA.MIT.EDU (Travis H.)
Wed May 9 15:15:39 2007

Date: Wed, 9 May 2007 10:36:30 -0500
From: "Travis H." <travis+ml-cryptography@subspacefield.org>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <4638AE63.3000409@garlic.com>



On Wed, May 02, 2007 at 09:29:39AM -0600, Anne & Lynn Wheeler wrote:
> where there is possibly the suggestion that if the only thing being performed
> is authentication (and doesn't require either integrity and/or privacy) ...
> then possibly a totally different protocol be utilized (rather than
> digital signature)

This reminds me a bit of a suggestion I once heard for protocol
designers that the messages of the various steps of the protocol
include a step number or something like it to prevent cut-and-paste
attacks (presumably each message has some redundancy to protect the
integrity/authenticity as well, like a running hash covering all the
previous messages (in this direction)).

I wonder if something similar couldn't be done with digital
signatures, where the input is padded with data that indicates the
semantics of the signature; not unlike the forms which say "by signing
here I agree that..."

This also makes it very difficult for the opponent to do any kind
of chosen-plaintext trickery since the plaintext will be framed
with this data that the opponent does not control, but that is
also true with other padding options and such.
-- 
Kill dash nine, and it's no more CPU time, kill dash nine, and that
process is mine. -><- <URL:http://www.subspacefield.org/~travis/>
For a good time on my UBE blacklist, email john@subspacefield.org.
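
Added example, not part of the original post: a sketch of the framing idea in the message above, where each authenticated input carries a purpose label, a step number and a running hash of the earlier messages in that direction. HMAC-SHA256 stands in for a digital signature so the code runs with the standard library alone; the key, the labels and the `Direction` class are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key; HMAC stands in for a signature


def frame(purpose: bytes, step: int, transcript: bytes, payload: bytes) -> bytes:
    """Length-prefix every field so field boundaries cannot be shifted."""
    out = b""
    for field in (purpose, struct.pack(">I", step), transcript, payload):
        out += struct.pack(">I", len(field)) + field
    return out


def tag(purpose, step, transcript, payload):
    """Authenticate the framed input, never the bare payload."""
    return hmac.new(KEY, frame(purpose, step, transcript, payload), hashlib.sha256).digest()


def verify(purpose, step, transcript, payload, mac):
    return hmac.compare_digest(tag(purpose, step, transcript, payload), mac)


class Direction:
    """One direction of a protocol run: step counter plus running hash."""

    def __init__(self, purpose: bytes):
        self.purpose = purpose
        self.step = 0
        self.transcript = hashlib.sha256(b"").digest()

    def _advance(self, payload, mac):
        self.step += 1
        self.transcript = hashlib.sha256(self.transcript + payload + mac).digest()

    def send(self, payload: bytes):
        mac = tag(self.purpose, self.step, self.transcript, payload)
        self._advance(payload, mac)
        return payload, mac

    def receive(self, payload: bytes, mac: bytes) -> bool:
        if not verify(self.purpose, self.step, self.transcript, payload, mac):
            return False  # wrong step, wrong history, or wrong purpose
        self._advance(payload, mac)
        return True
```

A message pasted into a different step, a different history or a different purpose fails verification even though the key and payload are unchanged.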

