On Wed, Apr 25, 2007 at 03:24:06PM -0300, Mads Rasmussen wrote: > Jee Hea An, Yevgeniy Dodis and Tal Rabin claims that the order doesn't > matter [2]. Encrypt-then-sign or sign-then-encrypt is equally secure. > Is this really true? My feeling was that the principle from Krawczyk's > paper should apply to the public key setting as well.
Instinctively sign-then-encrypt offers privacy protection: only the intended receipient can verify the signature. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]