Check out http://rechten.kub.nl/koops/cryptolaw/cls-sum.htm
On 24 Jun 2003 at 10:59, Pat Deegan wrote: > Hello, > > On Tue, 2003-06-24 at 09:31, Roddi wrote: > > Hi, > > > > I have some difficulties for choosing the right algorithm for the > > following problem > [snip] > > Is there a public-key algorithm that can sign with a signature length > > of 128bit (or preferably even shorter) and that would still be secure? > > I think that most algorithms will sign some type of digest of the > message, like an MD5. MD5 is a 128 bit hash, while SHA-1 is a 160 bit > hash so the question is can the signature ever be of equal length or > shorter than the data it has signed? If not, are there any algos that > sign something shorter? I dunno, someone else on the list will have to > answer these. > > Perhaps if you use some alternate means - e.g. postal delivery of > floppies or CD - you can avoid compromising your entire system for the > few users without connectivity. > > > I am curious about this: > > > 5. the software checks the signature with the public key and refuses to > > run if the signature if not valid > > We've been thinking of a somewhat similar procedure but the > question is "how do you protect the public key?". How are you doing it? > > Regards, > -- > Pat Deegan, > http://www.psychogenic.com/ > PGP: http://www.keyserver.net 0x03F86A50 > Best Regards YUK
