[144855] in cryptography@c2.net mail archive
Re: how to encrypt and integrity-check with only one key
daemon@ATHENA.MIT.EDU (Zooko Wilcox-O'Hearn)
Mon Sep 14 23:07:52 2009
In-Reply-To: <93D8E0CD-C6B0-448B-A09C-9500590D2106@zooko.com>
From: Zooko Wilcox-O'Hearn <zooko@zooko.com>
Date: Mon, 14 Sep 2009 19:18:25 -0600
To: Cryptography List <cryptography@metzdowd.com>
following-up to my own post:
On Monday,2009-09-14, at 10:22 , Zooko Wilcox-O'Hearn wrote:
> David-Sarah Hopwood suggested the improvement that the integrity-
> check value "V" could be computed as an integrity check (i.e. a
> secure hash) on the K1_enc in addition to the file contents.
Oops, that's impossible. What David-Sarah Hopwood actually said was
that this would be nice if it were possible, but since it isn't then
people should pass around the tuple of (v, K1_enc) whenever they want
to verify the integrity of the ciphertext.
http://allmydata.org/pipermail/tahoe-dev/2009-September/002798.html
Regards,
Zooko
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com