PlayStation 3 predicts next US president

James A. Donald jamesd at
Mon Dec 3 20:28:17 EST 2007

Dirk-Willem van Gulik wrote:
 >> Keep in mind that the notary is still 'careful' --
 >> effectively they sign the hash -- rather than the
 >> document; and state either such (e.g. in the case of
 >> some software/code where you do not hand over the
 >> actual code) or state that _a_ document was presented
 >> with said hash.

William Allen Simpson wrote:
 > And that makes all the difference.  The digital notary
 > is not certifying the original document.  You
 > described the notary generating its own tuples
 > (credentials as presented, the hash, a timestamp, and
 > a notarized declaration that such was presented).
 > There is no problem, and the described attack does not
 > apply.

The described attack does apply:  The notary has
complied with normal procedures and with the rules, but
the rules and procedure fail to have the desired effect,
because an MD5 hash lacks the desired properties.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list