On 13/06/2010 05:21, Zooko O'Whielacronx wrote:
Folks:
Regarding earlier discussion on these lists about the difficulty of
factoring and post-quantum cryptography and so on, you might be
interested in this note that I just posted to the tahoe-dev list:
100-year digital signatures
On 09/03/2010 03:45 AM, Ben Laurie wrote:
That's the whole point - a hash function used on an arbitrary message
produces one of its possible outputs. Feed that hash back in and it
produces one of a subset of its possible outputs. Each time you do this,
you lose a little entropy (I can't
On Wed, Sep 1, 2010 at 2:55 PM, Ben Laurie b...@links.org wrote:
Therefore, you would end up hashing your messages with a
secure hash function to generate message representatives short
enough to sign.
Way behind the curve here, but this argument seems incorrect. Merkle
signatures rely on
On Sat, Jun 12, 2010 at 10:21:51PM -0600, Zooko O'Whielacronx wrote:
http://tahoe-lafs.org/pipermail/tahoe-dev/2010-June/004439.html
There you ask how the Merkle Signature Scheme depends on collision
resistance. The authors of the paper you link to say that signature
itself depends only on
