Merkle Signature Scheme is the most secure signature scheme possible for general-purpose use
Dave Horsfall
dave at horsfall.org
Fri Sep 3 20:45:48 EDT 2010
(De-lurks)
First, let me thank this list for the wonderful breadth and depth of
knowledge that I've seen over the years; it's a great resource.
On Fri, 3 Sep 2010, Ben Laurie wrote:
> That's the whole point - a hash function used on an arbitrary message
> produces one of its possible outputs. Feed that hash back in and it
> produces one of a subset of its possible outputs. Each time you do this,
> you lose a little entropy (I can't remember how much, but I do remember
> David Wagner explaining it to me when I discovered this for myself quite
> a few years ago).
Funny you should mention that. Back in the late 70s, a work colleague
suggested that the Unix crypt() function was a ring (we both had
mathematical backgrounds), which gave me the idea of repeatedly encrypting
the encrypted root password.
The fastest machine available to me was a PDP-11/70, but I got sprung by
the sysadmin for chewing up CPU time...
-- Dave
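The shrinking output set and entropy loss described in the quoted paragraph can be measured directly on a small domain. This is an added example, not part of the original post: the 16-bit truncation of SHA-256 and the names `h`, `entropy` and `iterate` are assumptions chosen so that every input can be enumerated.

```python
import hashlib
from collections import Counter
from math import log2

BITS = 16          # toy output width (assumption: small enough to enumerate)
N = 1 << BITS      # number of possible hash values


def h(x: int) -> int:
    """Toy hash: SHA-256 of the 2-byte input, truncated to 16 bits."""
    digest = hashlib.sha256(x.to_bytes(2, "big")).digest()
    return int.from_bytes(digest[:2], "big")


def entropy(dist: Counter) -> float:
    """Shannon entropy in bits of a distribution given as value -> weight."""
    total = sum(dist.values())
    return -sum(w / total * log2(w / total) for w in dist.values())


def iterate(rounds: int):
    """Feed the hash back into itself, starting from a uniform input.

    Returns one (reachable_outputs, entropy_bits) pair per round,
    with round 0 (the uniform starting point) first.
    """
    table = [h(x) for x in range(N)]           # h is deterministic: tabulate once
    dist = Counter({x: 1 for x in range(N)})   # every value equally likely
    stats = [(len(dist), entropy(dist))]
    for _ in range(rounds):
        nxt = Counter()
        for value, weight in dist.items():
            nxt[table[value]] += weight        # colliding inputs merge their weight
        dist = nxt
        stats.append((len(dist), entropy(dist)))
    return stats


if __name__ == "__main__":
    for rnd, (size, bits) in enumerate(iterate(8)):
        print(f"round {rnd}: {size:6d} reachable outputs, {bits:6.3f} bits")
```

Each round can only merge values, never split them, so both columns can only go down; the largest single drop is in the first round and the per-round loss gets smaller after that.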
---------------------------------------------------------------------
The Cryptography Mailing List