General Crypto Question

Nicholas Paul Johnson nickjohnson at
Mon Apr 19 04:51:07 CEST 2004


Not directly related to gpg, but I think some of you may enjoy answering 
this.  I'm reading thru _Applied Cryptography_, and I want to make sure I 
understand it:

Suppose two people, A and B, know a shared secret S; for simplicity,
pretend it is a long string of bits.

Suppose A wants to send a message M (another long string of bits) to B, 
and A wants to sign it.

Would it be sufficient and secure to construct a signature like this:

	Signature = One-Way-Hash-Function( Concatenate(M, S) )

In other words, one creates a new string of bits which is the 
concatenation of the shared secret and the message, and then hashes that 
new string (assume perfect hash function) to yield the signature.  A then 
sends both M and the signature to B.

B could then verify the signature by generating the signature from the 
M and S in the same manner as above, and then comparing that signature to 
the one sent by A.

As the one-way hash function is "perfect", nobody could determine S if he 
has a (message, signature) pair.

Am I thinking this out right, or am I missing something critical?

Nicholas Paul Johnson                        | Pianos are cool,
| nickjohnson \at\ virginia \dot\ edu        |    o    _______________ 
| 3ebf10a7                   |   /\_  _|             |
|                  |  _\__`[_______________|
| "When all you've got is a hammer,          |  ] [ \, ][         ][  
|  everything looks like a nail."            |
 \___ . . .                                  |
                                             | Ping pong is cooler.
"The ways of God are impenetrable...         |   o_,     .    __o  
 The ways of LINUX are non understandable... |  <o  ____i____   |\o  
 The ways of WINDOWS are a waste of time ;)" | />    |     |   /|
 Marc Breton                                 |

More information about the Gnupg-users mailing list