>
> I'm sure Joseph knows all the following, but just to clarify:
>
> With "36^3" Joseph's referring to finding two pre-images that hash to the
> same image. For that attack, the work effort would indeed be 36^3. It's
> not clear from Darryl's query whether his protocol is vulnerable to such an
> attack (since we don't know what his protocol is for), but it's unlikely
> that it isn't.
Greetings,
The protocol would be (I think Joseph has made it clear that within a few
minutes the signature could be created to match the signed text):
Alice (AL1CE) make contact with Bob (N1BOB). Alice sends Bob
her contact information which is call sign (AL1CE), Bob's signal
report (47), and gets a Bob's signal report(59) and Bob's Call
sign(N1BOB). Alice takes the information N1BOB/59/47 and feeds it
into a signature scheme which outputs the signature 4UAP73 which
Alice sends to Bob to validate the contact.
The attacker would have the following:
1. Alice's public key
2. The open source SDK to validate the signature (along with
the rest of the sources)
Given that an attacker could do a brute force attack of the
data until a matching signature is found. I just did ran the
a program which loop thur calling DSA_verify and found that
it took 9 seconds to check 1000 signatures on a 400mhz PII,
but in doing the I discover a missing piece in that I can't
use DSA because I don't have a complete signature. I would
have to do something like RSA and encrypt the hash, then
use the public key to decrypt and compare.
Anyway this doesn't sound like something I want to deal with
for the first release.
Thanks again for all the advice.
Darryl WA1GON
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
