Ben Laurie wrote:
Ian Grigg wrote:
What is the source of the acronym PAIN? Lynn said:
... A security taxonomy, PAIN: * privacy (aka thinks like encryption) * authentication (origin) * integrity (contents) * non-repudiation
I.e., its provenance?
Google shows only a few hits, indicating it is not widespread.
Probably because non-repudiation is a stupid idea: http://www.apache-ssl.org/tech-legal.pdf.
OK, I'm a mere country mouse when it comes to cryptography, so be kind.
:-)
I have read most of the above paper on non-repudiation and noticed on p3 the following footnote:
"Note that there is no theoretical reason that it should be possible to figure out the public key given the private key, either, but it so happens that it is generally possible to do so"
So what's this "generally possible" business about?
Well, AFAIK its always possible, but I was hedging my bets :-) I can imagine a system where both public and private keys are generated from some other stuff which is then discarded.
A few references will do.
If you want the gory details, I recommend the Handbook of Applied Cryptography by Menezes et al., _not_ the Schneier brick. Warning: pretty technical.
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
