# General Crypto Question

Nicholas Paul Johnson nickjohnson at virginia.edu
Mon Apr 19 04:51:07 CEST 2004

Hey,

Not directly related to gpg, but I think some of you may enjoy answering
this.  I'm reading thru _Applied Cryptography_, and I want to make sure I
understand it:

Suppose two people, A and B, know a shared secret S; for simplicity,
pretend it is a long string of bits.

Suppose A wants to send a message M (another long string of bits) to B,
and A wants to sign it.

Would it be sufficient and secure to construct a signature like this:

Signature = One-Way-Hash-Function( Concatenate(M, S) )

In other words, one creates a new string of bits which is the
concatenation of the shared secret and the message, and then hashes that
new string (assume perfect hash function) to yield the signature.  A then
sends both M and the signature to B.

B could then verify the signature by generating the signature from the
M and S in the same manner as above, and then comparing that signature to
the one sent by A.

As the one-way hash function is "perfect", nobody could determine S if he
has a (message, signature) pair.

Am I thinking this out right, or am I missing something critical?

Thanks,
--
Nicholas Paul Johnson                        | Pianos are cool,
| nickjohnson \at\ virginia \dot\ edu        |    o    _______________
| 3ebf10a7 subkeys.pgp.net                   |   /\_  _|             |
| http://manjac.ath.cx/nick                  |  _\__[_______________|
| "When all you've got is a hammer,          |  ] [ \, ][         ][
|  everything looks like a nail."            |
\___ . . .                                  |
| Ping pong is cooler.
"The ways of God are impenetrable...         |   o_,     .    __o
The ways of LINUX are non understandable... |  <o  ____i____   |\o
The ways of WINDOWS are a waste of time ;)" | />    |     |   /|
Marc Breton                                 |
--
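The construction asked about above, written out as an added example (not part of the original post). It assumes SHA-256 as the "One-Way-Hash-Function"; the secret and messages are constructed sample values, and HMAC-SHA-256 is included as the standard keyed-hash construction over the same inputs for comparison.

```python
import hashlib
import hmac

# Constructed sample values (assumptions, not from the post).
SECRET = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)  # shared secret S
MESSAGE = b"transfer 10 units to account 42"                     # message M


def hash_tag(message: bytes, secret: bytes) -> bytes:
    """The post's construction: Hash(Concatenate(M, S)), with SHA-256 as the hash."""
    return hashlib.sha256(message + secret).digest()


def hmac_tag(message: bytes, secret: bytes) -> bytes:
    """Standard keyed-hash construction (HMAC-SHA-256) over the same inputs."""
    return hmac.new(secret, message, hashlib.sha256).digest()


def verify(message: bytes, secret: bytes, tag: bytes, tag_fn=hash_tag) -> bool:
    """B's check: recompute the tag from M and S, compare in constant time."""
    return hmac.compare_digest(tag_fn(message, secret), tag)


def demo() -> dict:
    tag = hash_tag(MESSAGE, SECRET)          # A computes and sends (M, tag)
    altered = MESSAGE.replace(b"10", b"99")  # M changed in transit
    # B also holds S, so B can compute a valid tag for any message:
    # the tag shows "someone who knows S", not "A and only A".
    made_by_b = hash_tag(b"message A never wrote", SECRET)
    return {
        "genuine_accepted": verify(MESSAGE, SECRET, tag),
        "altered_rejected": not verify(altered, SECRET, tag),
        "wrong_secret_rejected": not verify(MESSAGE, b"guess", tag),
        "b_made_tag_accepted": verify(b"message A never wrote", SECRET, made_by_b),
        "hmac_accepted": verify(MESSAGE, SECRET, hmac_tag(MESSAGE, SECRET), hmac_tag),
        "hmac_differs_from_hash": hmac_tag(MESSAGE, SECRET) != tag,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Because A and B hold the same S, a tag of this kind is a message authentication code between the two of them rather than a signature a third party could attribute to A alone.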
