From: lmccarth@ducie.cs.umass.edu
To: cypherpunks@toad.com
Message Hash: 2811b5630f73f84155b474c2cb9e16793c3908fa122654cdc1a6b7c35fc01390
Message ID: <199412020227.VAA06380@bb.hks.net>
Reply To: N/A
UTC Datetime: 1994-12-02 02:22:39 UTC
Raw Date: Thu, 1 Dec 94 18:22:39 PST
From: lmccarth@ducie.cs.umass.edu
Date: Thu, 1 Dec 94 18:22:39 PST
To: cypherpunks@toad.com
Subject: Re: making public keys public
Message-ID: <199412020227.VAA06380@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain
[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at
the address belonging to the signature and forwarded.]
-----BEGIN PGP SIGNED MESSAGE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Eric writes:
> someone (Alex Strasheim ?) writes:
> Perhaps we would have
> a default web, which would have everyone's key in it.
>
> This is a really bad idea. Some "public" keys should not be made
> public, but rather revealed only to the correspondent. Forward
> secrecy is the reason. If the public key has never been in the
> possession of an opponent, and assuming the results of the public key
> operation yield little or no information about the modulus, then when
> the keys are changed and destroyed, no amount of factoring can find
> the private key because the public key isn't around to factor.
If you're not going to make the public key public, why use public key
cryptography at all ? Save time and effort and use a symmetric cipher.
- - -L. Futplex McCarthy; PGP key by finger or server
"Don't say my head was empty, when I had things to hide...." --Men at Work
- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
iQCVAwUBLt6Eq2f7YYibNzjpAQGIJQQAvKd0jyHXkaNfXp787EXQl/dXMYUXz8dB
dF9NF9tiYp761ZwtkeKOoASZGYWvygO+8nseE/1pFz9Gns1XkUM0uyHvg4nvgIWj
CJHtVsbV2rtRFZfIjDwD3wqsfRTRms5JvFcRpUsOSKol93hcabnIf3Vx9EAdIUSv
hEtvQUBhzKY=
=3yjE
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQBFAwUBLt6F9SoZzwIn1bdtAQFUvwGAhbycPCwIjZGjGeNMWkgnxQUJw6v2RpU3
Z2hvAV6sSiz3+wyLlkR+Nz9nTgRHqjWT
=RaG/
-----END PGP SIGNATURE-----
Return to December 1994
Return to “lmccarth@ducie.cs.umass.edu”