Non-repudiation for the message is not guaranteed by a hash. There is more than 1 message that could match that hash.
Jon. On Monday, August 26, 2019, 02:42:27 PM PDT, Charles Mills <charl...@mcn.org> wrote: Yow! Expensive in terms of CPU time. Wouldn't (ideally at least) foo encrypt it with a random secret key and then send it to bar encrypted with bar's public key? To provide non-repudiation -- to sign a document -- it is only necessary for the sender to encrypt a hash of the message with the sender's private key. Much cheaper than two long public key encryptions. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
