From: William Whyte <wwhyte@baltimore.ie>
Date: Wed, 23 Sep 1998 03:39:33 +0800
To: "'Anonymous'" <cryptography@c2.net>
Subject: RE: ArcotSign
Message-ID: <01BDE6D6.415B1540.wwhyte@baltimore.ie>
MIME-Version: 1.0
Content-Type: text/plain



> For this to work, the public key has to be kept secret(!).
>...
> As Greg points out, much the same could be accomplished simply by having
> the servers share secret 3DES keys with their users, each user having his
> own private 3DES key.  The users could encrypt messages using their 3DES
> key and the server would decrypt using the appropriate key, which would
> also serve to authenticate the user.

The difference between this scheme and a shared-secret scheme (if I
understand this scheme correctly) is that Arcot's infrastructure gives
you non-repudiation -- the central server can't forge authenticated
messages from you -- and so it's suitable for transactions of value
in a way that a shared-secret scheme isn't.

Cheers,

William