I have a note from someone telling me how wonderful NTRU's public key system is, and how it's gonna make all our wireless communications wonderfully secure.
So I have two sort of related questions: a) Are they for real? It's fully published and all that, but my abstract algebra is pretty rusty. Poking around on the net I found a paper from France claiming to have cracked their signature algorithm (but not the underlying crypto scheme.) b) For applications like toll passes, who cares? In these applications, the vendor generates the key and sends out the dongle to the user, and the dongle only validates against the vendor's system. (The Mobil/Exxon speedpass is another example.) I would think that rather than going to the computational expense of public keys, it'd be just as secure to send back a hash of a challenge phrase and the dong;e's key. This means that the vendor keeps all the secrets, but in this case so what? I can tell you from experience that the main security problem with speedpass is that you lose it not high-tech cloning, and I'd think that if a bad guy were planning to clone the dongles, the nature of the algorithm performed on the dongle's secret key wouldn't make any difference. TIA and all that. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner Write for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
