General Crypto Question
Nicholas Paul Johnson
nickjohnson at virginia.edu
Mon Apr 19 04:51:07 CEST 2004
Hey,
Not directly related to gpg, but I think some of you may enjoy answering
this. I'm reading thru _Applied Cryptography_, and I want to make sure I
understand it:
Suppose two people, A and B, know a shared secret S; for simplicity,
pretend it is a long string of bits.
Suppose A wants to send a message M (another long string of bits) to B,
and A wants to sign it.
Would it be sufficient and secure to construct a signature like this:
Signature = One-Way-Hash-Function( Concatenate(M, S) )
In other words, one creates a new string of bits which is the
concatenation of the shared secret and the message, and then hashes that
new string (assume perfect hash function) to yield the signature. A then
sends both M and the signature to B.
B could then verify the signature by generating the signature from the
M and S in the same manner as above, and then comparing that signature to
the one sent by A.
As the one-way hash function is "perfect", nobody could determine S if he
has a (message, signature) pair.
Am I thinking this out right, or am I missing something critical?
Thanks,
--
Nicholas Paul Johnson | Pianos are cool,
| nickjohnson \at\ virginia \dot\ edu | o _______________
| 3ebf10a7 subkeys.pgp.net | /\_ _| |
| http://manjac.ath.cx/nick | _\__`[_______________|
| "When all you've got is a hammer, | ] [ \, ][ ][
| everything looks like a nail." |
\___ . . . |
| Ping pong is cooler.
"The ways of God are impenetrable... | o_, . __o
The ways of LINUX are non understandable... | <o ____i____ |\o
The ways of WINDOWS are a waste of time ;)" | /> | | /|
Marc Breton |
--
More information about the Gnupg-users
mailing list