[145806] in cryptography@c2.net mail archive
Re: Merkle Signature Scheme is the most secure signature scheme
daemon@ATHENA.MIT.EDU (Dave Horsfall)
Sat Sep 4 10:37:05 2010
Date: Sat, 4 Sep 2010 10:45:48 +1000 (EST)
From: Dave Horsfall <dave@horsfall.org>
To: Cryptography List <cryptography@metzdowd.com>
In-Reply-To: <4C80B5A0.2090100@links.org>
(De-lurks)
First, let me thank this list for the wonderful breadth and depth of
knowledge that I've seen over the years; it's a great resource.
On Fri, 3 Sep 2010, Ben Laurie wrote:
> That's the whole point - a hash function used on an arbitrary message
> produces one of its possible outputs. Feed that hash back in and it
> produces one of a subset of its possible outputs. Each time you do this,
> you lose a little entropy (I can't remember how much, but I do remember
> David Wagner explaining it to me when I discovered this for myself quite
> a few years ago).
Funny you should mention that. Back in the late 70s, a work colleague
suggested that the Unix crypt() function was a ring (we both had
mathematical backgrounds), which gave me the idea of repeatedly encrypting
the encrypted root password.
The fastest machine available to me was a PDP-11/70, but I got sprung by
the sysadmin for chewing up CPU time...
-- Dave
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
