From: Wei Dai <weidai@eskimo.com>
To: Hal <hfinney@shell.portal.com>
Message Hash: 6edbd952d77d737bd61f696116b2ca0ce5fd14d777d0ff507a8f5d510d848562
Message ID: <Pine.SUN.3.93.960424141313.12174A-100000@eskimo.com>
Reply To: <199604241415.HAA02557@jobe.shell.portal.com>
UTC Datetime: 1996-04-24 21:23:16 UTC
Raw Date: Wed, 24 Apr 1996 14:23:16 -0700 (PDT)
From: Wei Dai <weidai@eskimo.com>
Date: Wed, 24 Apr 1996 14:23:16 -0700 (PDT)
To: Hal <hfinney@shell.portal.com>
Subject: Re: Golden Key Campaign
In-Reply-To: <199604241415.HAA02557@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.93.960424141313.12174A-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain
On Wed, 24 Apr 1996, Hal wrote:
> Rabin encryption would have the advantage that it could be used with
> existing RSA keys as long as the modulus is a Blum modulus. PGP at least
> has always used Blum moduli, perhaps for this eventuality. So an
> alternative encryption program could use Rabin encryption and work with
> the existing infrastructure of PGP keys. It would not of course be
> compatible with PGP for encryption and decryption.
>
> This doesn't solve the signature problem; I'm not sure if there is a
> signature algorithm which could use RSA public keys but which is not
> covered by the RSA patent. In any case since PGP key certificates use
> RSA signatures it would not appear to be possible to validate key
> signatures without infringing on the RSA patents, so that cancels out a
> lot of the advantages of using existing PGP keys.
You can do signatures with Rabin too. I have a version of it in
Crypto++ 2.0. It's been out for a while and RSA hasn't bothered me about
it.
Does anyone want to explain why, given the alternatives, people continue
to use RSA and pay for it?
Wei Dai
Return to April 1996
Return to “Wei Dai <weidai@eskimo.com>”