[43999] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: Cypherpunk Certification Authority

daemon@ATHENA.MIT.EDU (Bill Stewart)
Mon Nov 27 14:59:46 1995

Date: Mon, 27 Nov 1995 11:53:22 -0800
To: cypherpunks@toad.com
From: Bill Stewart <stewarts@ix.netcom.com>

At 11:20 AM 11/25/95 -0800, you wrote:
>At 01:53 AM 11/26/95 -0800, anonymous-remailer@shell.portal.com wrote:
>>You'd rather sign before encryption??
>>Doesn't that give you "known plain-text" to attack?
>
>The signature is not known unless the whole message being signed is
>known.

Signatures often have known, or easily guessed, plaintext in them,
like the signer's name or ID number, or various header fields
such as X.509's equivalent to ----- BEGIN PGP ....

>And any encryption scheme that is vulnerable to known plaintext attack
>where only a part of the message is known, is worthless anyway.

DES isn't worthless.  It's a bit weak, but not worthless.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281



home help back first fref pref prev next nref lref last post