Super-Encryption
mlong at bridgetonconsulting.com
mlong at bridgetonconsulting.com
Mon Dec 15 09:25:36 EST 2003
Quoting Ben Laurie <ben at algroup.co.uk>:
> I don't see any value added by cipher1 - what's the point?
The message is encrypted, i.e, cipher1, then cipher1 is encrypted yeilding
cipher2.
Since symmetric_key1 of cipher1 is RSA_Encrypt(sender's private key), access
to sender's public key can decrypt cipher1(must be *this* sender).
Since symmetric_key2 of cipher2 is RSA_Encrypt(receiver's public key), only
the receiver can decrypt cipher2.
As was pointed out to me, the process of decrypting cipher2, yields an
encrypted message, i.e., cipher1, that can forwarded on behalf of the original
sender. This is not necessarily undesirable. However, SHA1(message) is to
ensure that cipher1 has not be altered in transport. Therefore, the receiver
knows three items.
(1) The sender who originated the message.
(2) The receiver is the intended receiver.
(3) The message was not altered during transport.
Thx,
-Matt
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list