Merkle Signature Scheme is the most secure signature scheme possible for general-purpose use

Dave Horsfall dave at horsfall.org
Fri Sep 3 20:45:48 EDT 2010


(De-lurks)

First, let me thank this list for the wonderful breadth and depth of 
knowledge that I've seen over the years; it's a great resource.

On Fri, 3 Sep 2010, Ben Laurie wrote:

> That's the whole point - a hash function used on an arbitrary message 
> produces one of its possible outputs. Feed that hash back in and it 
> produces one of a subset of its possible outputs. Each time you do this, 
> you lose a little entropy (I can't remember how much, but I do remember 
> David Wagner explaining it to me when I discovered this for myself quite 
> a few years ago).

Funny you should mention that.  Back in the late 70s, a work colleague 
suggested that the Unix crypt() function was a ring (we both had 
mathematical backgrounds), which gave me the idea of repeatedly encrypting 
the encrypted root password.

The fastest machine available to me was a PDP-11/70, but I got sprung by 
the sysadmin for chewing up CPU time...

-- Dave

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
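
The shrinkage described in the quoted paragraph can be measured on a toy scale. The following is an added example, not part of the original message: it iterates SHA-256 truncated to 16 bits (an assumed stand-in small enough to enumerate) over its whole domain and compares the number of still-reachable outputs with the expectation for an ideal random function, a_{k+1} = 1 - exp(-a_k).

```python
import hashlib
import math

BYTES = 2                      # toy output width (assumption): small enough to enumerate
BITS = 8 * BYTES
N = 1 << BITS


def toy_hash(x: int) -> int:
    """SHA-256 truncated to BITS bits, so the toy domain maps onto itself."""
    digest = hashlib.sha256(x.to_bytes(BYTES, "big")).digest()
    return int.from_bytes(digest[:BYTES], "big")


def image_sizes(rounds: int) -> list:
    """Count of distinct values still reachable after 1..rounds iterations."""
    reachable = set(range(N))          # every possible input
    sizes = []
    for _ in range(rounds):
        reachable = {toy_hash(x) for x in reachable}
        sizes.append(len(reachable))
    return sizes


def random_function_model(rounds: int) -> list:
    """Expected reachable fraction for an ideal random function:
    a_0 = 1, a_{k+1} = 1 - exp(-a_k)."""
    a, fractions = 1.0, []
    for _ in range(rounds):
        a = 1.0 - math.exp(-a)
        fractions.append(a)
    return fractions


if __name__ == "__main__":
    rounds = 8
    for k, (size, frac) in enumerate(
            zip(image_sizes(rounds), random_function_model(rounds)), 1):
        # log2(size) is an upper bound on the entropy the output can still carry
        print(f"round {k}: {size:6d} reachable (model {frac * N:8.0f}), "
              f"at most {math.log2(size):5.2f} of {BITS} bits")
```

The first round leaves about 1 - 1/e (roughly 63%) of the outputs reachable, and each later round removes a smaller share than the one before.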


