"Weger, B.M.M. de" <[EMAIL PROTECTED]> writes: > > Technically speaking you're correct, they're signing a program. > But most people, certainly non-techies like Alice's boss, > view postscript (or MS Word, or <name your favourite document > format that allows macros>) files not as programs but as static > data. In being targeted at non-techies I find this attack more > convincing than those of Mikle and Kaminsky, though essentially > it's a very similar idea. > > Note that opening the postscript files in an ASCII-editor > (or HEX-editor) immediately reveals the attack. Stefan Lucks > told me they might be able to obfuscate the postscript code, > but again this will only fool the superficial auditor.
Yes, this is all true, but it's kind of orthogonal to my point, which is that if you're willing to execute a program, this attack can be mounted *without* the ability to produce hash collisions. The fact that so few people regard PS, HTML, Word, etc. as software just makes this point that much sharper. As far as I can tell, the ability fo produce hash collisions just makes the attack marginally worse. -Ekr --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
