From: Bill Stewart <stewarts@ix.netcom.com>
To: cypherpunks@toad.com
Message Hash: 273f1a7c3edcc788f03f5b1993911e560b183753acd73138e01a32b32e7d0b3f
Message ID: <199511271952.LAA26633@ix3.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-11-27 20:14:42 UTC
Raw Date: Tue, 28 Nov 1995 04:14:42 +0800
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 28 Nov 1995 04:14:42 +0800
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Certification Authority
Message-ID: <199511271952.LAA26633@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 11:20 AM 11/25/95 -0800, you wrote:
>At 01:53 AM 11/26/95 -0800, anonymous-remailer@shell.portal.com wrote:
>>You'd rather sign before encryption??
>>Doesn't that give you "known plain-text" to attack?
>
>The signature is not known unless the whole message being signed is
>known.
Signatures often have known, or easily guessed, plaintext in them,
like the signer's name or ID number, or various header fields
such as X.509's equivalent to ----- BEGIN PGP ....
>And any encryption scheme that is vulnerable to known plaintext attack
>where only a part of the message is known, is worthless anyway.
DES isn't worthless. It's a bit weak, but not worthless.
#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281
Return to November 1995
Return to “James Black <black@sunflash.eng.usf.edu>”