Good work. In fact, I knew days ago that you would post this... I agree with you about intuitive cryptography. What you're complaining about is, in effect, "Why Johnny Can't Hash". There was another instance of that in today's NY Times. In one of the court cases stemming from the warrantless wiretapping, the Justice Department is, in the holy name of security, effectively filing court papers with itself -- it's depositing the "filings" in a secure facility, rather than with the court, to protect them. I won't go into the legal, political, judicial, or downright bizarre aspects of this case (save to note that one of the plaintiff's attorneys was quoted as saying "Sometime during all of this, I went on Amazon and ordered a copy of Kafka’s “The Trial,” because I needed a refresher course in bizarre legal procedures."), but one point the article mentioned is relevant here: how is the record preserved for a possible appeal? Indeed, one of the judges involved has commented on that point.
There's an obvious cryptographic solution, of course: publish the hash of any such documents. Practically speaking, it's useless. Apart from having to explain hash functions to lawyers, judges, members of Congress, editorial page writers, bloggers, and talk show hosts, is this a time you'd want to stand up before a Congressional committee and testify that some NSA technology, i.e., SHA-512, that NIST thinks needs replacing, is still strong enough to protect documents that concern possible NSA misconduct? And of course, collision attacks are precisely the concern here.