On Tue, Feb 14, 2006, Bob Mearns wrote: > > Sorry - more details: This isn't a comm aplication - it amounts to > authentication of application data files. The signer is an utility which > exists solely in a vendor's environment. The verifier is an application > that exists in a consumer (potentially hostile) environment. Hence > asymmetric key algorithms are a fit. >
Well if the verifier is in a hostile environment not much will protect you against a few well placed NOPs. If you were using (say) HMAC you'd be faced with either the possibility of finding out the symmetric key or finding out where to patch the binary. With an RSA public key algorithm of that key size the security would be sufficiently low that breaking the private key would also be possible. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
