From: mccoy@communities.com (Jim McCoy)
Date: Sat, 9 Mar 1996 21:42:23 +0800
To: cypherpunks@toad.com
Subject: Re: Signature 2
Message-ID: <v02140b00ad6277991102@[199.2.22.124]>
MIME-Version: 1.0
Content-Type: text/plain


>Hi,
>
>> Assumption 1 : a privacy key can become uncrackable.
>> Assumption 2 : an individual signature can become immune to fraud.
>> Posit : fuse the two together so that pseudonyms/aliases/online names ensure
>>               complete privacy, but ensure that you talk to the same person
>>               everytime.
>> Probably proposed already.
>
>Unforutnately both of your assumptions are wrong.  A key cannot be
>100% uncrackable, and a signature cannot be 100% immune to fraud.
>With electronic security, there is always a chance that a key can be
>cracked or a signature forged.  The question is how hard is it to
>crack the key or forge the signature?  You need to balance the
>security with the price.

Derek is correct in that your use of the words "uncrackable" and
"immune to fraud" were a bit over the top (in recent years everyone
in the security and crypto community has become very nervous whenever
anyone says things like this; they are usually trying to sell you
something which is neither.)  OTOH, he might want to temper his
statement with a reference to fail-stop signatures...  Just because
someone with a lot of computational resources can produce a private
key which matches your public key does not necessarily mean that
they are the same ones that you generated, only that they found a
set which work for the particular modulus which was chosen...

In the "real world" there is nothing to prevent someone from forging
your real signature on a check or document or from disguising themselves
as you and taking your place at an important business meeting.  The
digital equivalents can be slightly more secure, but nothing is ever
perfect.

jim