PlayStation 3 predicts next US president

James A. Donald jamesd at
Sat Dec 1 21:58:35 EST 2007

 > There are no circumstances in which any reputable
 > certifier will ever certify any of the "multitude"
 > containing a hidden pdf image, especially where
 > generated by another party.

So the certifier is going to go through each thing he
certifies, to make sure there is nothing funny about it?
The whole point of MD5 is to automate that stuff.  If an
actual human has to go through it, and understand what
it means, and certify the *meaning* then there is no
reason to take an MD5 hash.

 > The attack requires the certifier to be compromised,
 > either to certify documents that the certifier did not
 > generate

That is what certifiers do.  It is what they are
supposed to do.  You seem to have confused certification
with signing.

 > or to include the chosen text (hidden image) in its
 > documents in exactly the correct location.

If it is a certifier, these are not "its" documents.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list