Eric Rescorla wrote:
> The attack you describe: creating a document with a SPECIFIC digest,
> is 2^n hard ...
Eric is of course correct.
__
OpenSSL Project http://www.openssl.org
User Support Mail
> -Original Message-
> From: Eric Rescorla [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 07, 2001 5:29 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Cryptology Questions
>
>
> Bernard Dautrevaux <[EMAIL PROTECTED]> writes:
> > It's even worst t
Bernard Dautrevaux <[EMAIL PROTECTED]> writes:
> It's even worst than that: Alice can agree with Bob to the original
> contract, and have Bob sign it. THEN she have:
>- The contract itself (which can be used to generate the MD5 digest)
>- Bob's signed MD5 digest
>
> Then applying the birt
> -Original Message-
> From: Michael Wojcik [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, December 06, 2001 10:46 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Cryptology Questions
>
>
> > From: Neff Robert A [mailto:[EMAIL PROTECTED]]
> > Sent: Th
ROHRER, KEITH W (AIT) [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 06, 2001 5:53 PM
To: '[EMAIL PROTECTED]'
Subject: RE: Cryptology Questions
Regarding key distribution, no one but the owner should have access to the
private key. What reason would the server have for sending a c
Title: RE: Cryptology Questions
Yes,
the digest is used to validate that the data wasn't altered. Remember that
anyone can calculate the digest of a message. If the digest wasn't
encrypted with your private key, then someone could change the data, recompute
the digest, and ex
Andrew Finnell <[EMAIL PROTECTED]> writes:
> I was wondering if someone could help me out. I have to speak with
> some cryptology experts later today and was wondering if some answers could
> be answered.
>
> 1. What is the normal/(most secure) way to store private keys and
> protect
Erwann ABALEA <[EMAIL PROTECTED]> writes:
> On Thu, 6 Dec 2001, Andrew Finnell wrote:
>
> > digest. I did not know it was a checksum to validate that the data wasn't
> > altered.
>
> It's more robust than the usual "checksums" (CRC). You can easily fool a
> CRC32, but fooling a cryptographic di
On Thu, 6 Dec 2001, Andrew Finnell wrote:
> digest. I did not know it was a checksum to validate that the data wasn't
> altered.
It's more robust than the usual "checksums" (CRC). You can easily fool a
CRC32, but fooling a cryptographic digest is another matter... In fact,
for MD5 and SHA1, nobo
Title: RE: Cryptology Questions
Neff,
Thanks for the quick response. You actually helped me understand some aspects that I didnt truely understand before. For example the message digest. I did not know it was a checksum to validate that the data wasn't altered.
--- More ques
Title: Cryptology Questions
hmmm...a tall order for us busy folks...but I'll help you out
some.
1. Provided you are using a "strong" password to
encrypt your key when using DES-CBC
you are pretty secure.
Remember that if
I can get access to, or copy, your .pem file
from
off your machine
11 matches
Mail list logo
