sorry. its a reply to the licensing issue On 5 Jul 2003 at 10:11, Yusuf Khan-YUK wrote:
> Check out > http://rechten.kub.nl/koops/cryptolaw/cls-sum.htm > > > On 24 Jun 2003 at 10:59, Pat Deegan wrote: > > > Hello, > > > > On Tue, 2003-06-24 at 09:31, Roddi wrote: > > > Hi, > > > > > > I have some difficulties for choosing the right algorithm for the > > > following problem > > [snip] > > > Is there a public-key algorithm that can sign with a signature length > > > of 128bit (or preferably even shorter) and that would still be secure? > > > > I think that most algorithms will sign some type of digest of the > > message, like an MD5. MD5 is a 128 bit hash, while SHA-1 is a 160 bit > > hash so the question is can the signature ever be of equal length or > > shorter than the data it has signed? If not, are there any algos that > > sign something shorter? I dunno, someone else on the list will have to > > answer these. > > > > Perhaps if you use some alternate means - e.g. postal delivery of > > floppies or CD - you can avoid compromising your entire system for the > > few users without connectivity. > > > > > > I am curious about this: > > > > > 5. the software checks the signature with the public key and refuses to > > > run if the signature if not valid > > > > We've been thinking of a somewhat similar procedure but the > > question is "how do you protect the public key?". How are you doing it? > > > > Regards, > > -- > > Pat Deegan, > > http://www.psychogenic.com/ > > PGP: http://www.keyserver.net 0x03F86A50 > > > > > Best Regards > YUK > Best Regards YUK
