Anonymous Credit
Florian Weimer
Florian.Weimer at RUS.Uni-Stuttgart.DE
Mon Sep 3 13:44:27 EDT 2001
Ben Laurie <ben at algroup.co.uk> writes:
> Note that you should be rather careful about leaving the private key
> lying around, just in case someone guesses who you are. And, in case it
> isn't obvious, don't use the key for anything else.
Do you really need public key cryptography? What about this: Just
remember some phrase, calculate a cryptographic hash of the phrase and
the document in sequence, and publish the document along with the
hash. If the hash is safe, only you should be able to reveal the
prefix which yields the pubished hash together with the document.
(This assumes that no man-in-the-middle attacks are possible before
the public dissemination of the document and the hash. For example,
the publisher might replace the hash with his own creation.)
[Moderator's note: an HMAC is *much* safer than simply prepending a
key to construct a MAC with a cryptographic hash. --Perry]
The advantage is that you don't need to store any data in order to
claim authorship later on. The disadvantage: in order to be sacure,
the pass phrase has to be quite long, therefore it will be difficult
to remember.
(Please Cc: me on reply, I don't think I'm subscribed to any of the
mailing lists involved.)
--
Florian Weimer Florian.Weimer at RUS.Uni-Stuttgart.DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list