Intuitive cryptography that's also practical and secure.

Matt Blaze mab at
Tue Jan 30 16:53:15 EST 2007

On Jan 30, 2007, at 16:41, Steven M. Bellovin wrote:

> On Tue, 30 Jan 2007 16:10:47 -0500 (EST)
> "Leichter, Jerry" <leichter_jerrold at> wrote:
>> |
>> | ...There's an obvious cryptographic solution, of course: publish  
>> the
>> | hash of any such documents.  Practically speaking, it's useless.
>> | Apart from having to explain hash functions to lawyers, judges,
>> | members of Congress, editorial page writers, bloggers, and talk
>> | show hosts,...
>> This is a common misconception.  The legal system does
>> not rely on lawyers, judges, members of Congress, and so on
>> understanding how technology or science works.  It doesn't rely on
>> them coming to accept the trustworthiness of the technology on any
>> basis a technologist would consider reasonable.  All it requires is
>> that they accept the authority of experts in the subject area, and
>> that those experts agree "strongly enough" that the mechanism is
>> sound.
> I don't dispute your analysis.  However, this case is not just a legal
> one, it's a political issue, which is why I spoke of "editorial page
> writers, bloggers, and talk show hosts".  All it will take is for
> enough technically-skilled conspiracy theorists to raise the issue of
> hash function collisions and NSA, and we won't hear the end of it for
> decades to come.  (Did you know that President Kennedy was actually
> killed by a large prime factor discovered by the CIA...?)

Yes, and randomized hashes (which many of these applications require
to make them secure) seem especially likely to invite this sort of
ill-informed -- but intuitively attractive -- speculation.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list