certificates. The public key data is public, and it's a "random" bitpattern where nobody would ever notice a few different bits. If someone finds a collision for microsoft's windows update cert (or a number of other possibilities), and the fan is well and truly buried in it.
Correct me if I'm wrong ... but once finding a hash collision on a public key, you'd also need to find a matching private key, right?
But the odds are that you'd get an easy-to-factor modulus. Would the casual relying party ever notice that? I think not.
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
