----- Original Message -----
From: "Darryl Wagoner" <[EMAIL PROTECTED]>
Subject: security in small signatures
> I was wondering if using a 6 characters check signature (0-9A-Z)
> could provide any trust level?
> Are we talking about mins, hours, days or weeks to crack?
You'd be looking at a fraction of a second. You'd be looking at a work
effort of 36^3 = 216. Since you chose DSA (which won't work, you need the
entire signature to verify DSA or any other signature algorithm) I'll just
use it's numbers:
36^3 = 216
DSA sign = 1.77 milliseconds (http://www.eskimo.com/~weidai/benchmarks.html)
Time = 216*1.77 milliseconds = 0.38 seconds
To find a collision.
If you're looking for small signatures I'd recommend that you take a look at
the Cryptonessie signatures (http://www.cryptonessie.org) A few of them
offer small signatures.
Joe
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
