1998-10-14 - Re: more Toto keys… so what’s it all mean

Header Data

From: Martin Minow <minow@pobox.com>
To: Adam Back <cypherpunks@cyberpass.net
Message Hash: ff6d056e77637f1e63cde9b0262933543baa43c524c3f4441c6f7c1b9d4d0f53
Message ID: <v03102802b24a93869e11@[17.202.40.158]>
Reply To: <199810141529.QAA32138@server.eternity.org>
UTC Datetime: 1998-10-14 18:28:36 UTC
Raw Date: Thu, 15 Oct 1998 02:28:36 +0800

Raw message

From: Martin Minow <minow@pobox.com>
Date: Thu, 15 Oct 1998 02:28:36 +0800
To: Adam Back <cypherpunks@cyberpass.net
Subject: Re: more Toto keys... so what's it all mean
In-Reply-To: <199810141529.QAA32138@server.eternity.org>
Message-ID: <v03102802b24a93869e11@[17.202.40.158]>
MIME-Version: 1.0
Content-Type: text/plain



Adam Back <aba@dcs.ex.ac.uk> summarizes the Toto-files by noting
>
>As to what it means -- it means that one or more others could have
>been the author of the message the IRS claim Carl Johnson wrote.  Heck
>anyone could sign posts with that key now.
>

This suggests that a cynical, paranoid, person could create a
"deniable" signature key by doing what "Toto" did:

1. Choosing a key length that a "very competent attacker" (i.e.
   a TLA), and only a "very competent attacker", could factor.
2. Signing a message and leaving the public key that signed
   that message on a public site.

Now, when you are accused of signing a message, you can raise
a "reasonable doubt" defence by claiming that the TLA may have
reconstructed the private key that signed the message in question.

Martin Minow
minow@pobox.com
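The argument above in runnable form, as an added example that is not part of the original message: once a modulus can be factored, the public key alone yields the same signing exponent, so a valid signature no longer points to a single signer. The primes, the message, the textbook (unpadded) RSA and the `min_bits` policy threshold are all constructed assumptions for illustration.

```python
import hashlib
from math import isqrt

# Constructed toy key: two small, well-known primes so factoring is instant.
P, Q, E = 104729, 1299709, 65537
N = P * Q
MSG = b"constructed sample message"

def digest(msg: bytes, n: int) -> int:
    """SHA-256 reduced mod n (textbook RSA without padding, illustration only)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def private_exponent(p: int, q: int, e: int) -> int:
    """Signing exponent d, computable by anyone who knows the factors of n."""
    return pow(e, -1, (p - 1) * (q - 1))

def sign(msg: bytes, d: int, n: int) -> int:
    return pow(digest(msg, n), d, n)

def verify(msg: bytes, sig: int, e: int, n: int) -> bool:
    return pow(sig, e, n) == digest(msg, n)

def factor(n: int) -> tuple[int, int]:
    """Trial division; feasible here only because the modulus is a toy."""
    if n % 2 == 0:
        return 2, n // 2
    for f in range(3, isqrt(n) + 1, 2):
        if n % f == 0:
            return f, n // f
    raise ValueError("n is prime")

def second_signer(msg: bytes, e: int, n: int) -> int:
    """Sign using nothing but the published (e, n)."""
    p, q = factor(n)
    return sign(msg, private_exponent(p, q, e), n)

def attributable(n: int, min_bits: int = 2048) -> bool:
    """Verifier policy (threshold is an assumption): a valid signature counts
    as evidence of authorship only if the modulus is too large to factor."""
    return n.bit_length() >= min_bits

if __name__ == "__main__":
    owner_sig = sign(MSG, private_exponent(P, Q, E), N)
    other_sig = second_signer(MSG, E, N)
    print("owner signature verifies:", verify(MSG, owner_sig, E, N))
    print("signature from public key only verifies:", verify(MSG, other_sig, E, N))
    print("signatures identical:", owner_sig == other_sig)
    print("key strong enough to attribute:", attributable(N))
```

A verifier that checks only `verify()` cannot tell the two signers apart; the separate `attributable()` check is what keeps a mathematically valid signature under a weak key from being read as proof of authorship.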





