On Tue, Sep 05, 2006 at 12:20:57PM -0400, Evan Daniel wrote:
> On 9/5/06, Michael Rogers <m.rogers at cs.ucl.ac.uk> wrote:
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >Matthew Toseland wrote:
> >> We will be using STS, at least initially. Which means checking a
> >> signature.
> >
> >Cool, IANAC but I think we should be OK.
>
> As long as we're signing the data, not its hash; in normal use, one
> signs the hash of the data for compute cost reasons (and IIRC there
> are security reasons too, but I don't have Applied Cryptography in
> front of me right now). That is secure as long as there is second
> preimage resistance, but the hash function *is* security critical.

Signing the actual data would take a huge amount of space, and there may
be security reasons as well. We need to sign the hash.
>
> Evan
--
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
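
An added illustration of the point discussed in this thread (not code from the posters or from Freenet): with hash-then-sign the signature binds only the digest, so a verifier accepts any second message that has the same digest. It assumes a toy textbook-RSA key and uses SHA-256 truncated to 2 bytes as a stand-in for a hash without second-preimage resistance; all names, keys and messages are constructed for the example.

```python
import hashlib
from itertools import count

# Toy textbook-RSA key (constructed for this example; far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1          # two Mersenne primes
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent


def digest(data: bytes, nbytes: int) -> int:
    """SHA-256 truncated to nbytes; nbytes=2 stands in for a broken hash."""
    return int.from_bytes(hashlib.sha256(data).digest()[:nbytes], "big")


def sign(data: bytes, nbytes: int) -> int:
    """Hash-then-sign: the signature covers only the digest, never the data."""
    return pow(digest(data, nbytes), D, N)


def verify(data: bytes, sig: int, nbytes: int) -> bool:
    """Accept if the signature opens to the digest of the presented data."""
    return pow(sig, E, N) == digest(data, nbytes)


def second_preimage(target: bytes, nbytes: int) -> bytes:
    """Brute-force a different message with the same truncated digest."""
    want = digest(target, nbytes)
    for i in count():
        cand = b"constructed substitute message #%d" % i
        if cand != target and digest(cand, nbytes) == want:
            return cand


def demo() -> dict:
    original = b"constructed original message"
    weak_sig = sign(original, 2)       # 16-bit digest: no second-preimage resistance
    strong_sig = sign(original, 16)    # 128-bit digest, still smaller than N
    other = second_preimage(original, 2)
    return {
        "weak_accepts_original": verify(original, weak_sig, 2),
        "weak_accepts_substitute": verify(other, weak_sig, 2),
        "strong_accepts_original": verify(original, strong_sig, 16),
        "strong_accepts_substitute": verify(other, strong_sig, 16),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The signature is a single value modulo N regardless of message length, which is the space argument for signing the hash; the substitute message verifying under the 2-byte digest is the reason the hash function is part of the security of the scheme.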
