"Jeff B" <[EMAIL PROTECTED]> writes:

> I'm tasked with coming up with a new
> serial number scheme, and I was thinking it would be cool to encrypt
> the serial number using a public and private key.  Since it's a serial
> number, it needs to be short, and readable (A-Z, 0-9) (for customer
> support).

Your serial-number encryption application seems quite close to what I
am trying to achieve, see
http://www.escribe.com/software/crypto/m2945.html.  I am, however,
planning to use it for a pet ticket system, so the security demands are
not very high.

-oOo-

By reading the validation code in crypto++, I found out that one can do
something like (almost directly snipped from validate2.cpp)

    FileSource f("rabi1024.dat", true, new HexDecoder);
    RabinSS<PSSR, SHA>::Signer priv(f);
    RabinSS<PSSR, SHA>::Verifier pub(priv);

    const byte *message = (byte *)"test message";
    const int messageLen = 12;

    // Signature with appendix: sign, then verify against the message.
    SecByteBlock signature(priv.MaxSignatureLength());
    unsigned int signatureLength =
        priv.SignMessage(GlobalRNG(), message, messageLen, signature);
    ASSERT(pub.VerifyMessage(
        message, messageLen, signature, signatureLength));

    // Signature with recovery: the message is carried inside the signature.
    signatureLength = priv.SignMessageWithRecovery(
        GlobalRNG(), message, messageLen, NULL, 0, signature);
    SecByteBlock recovered(
        priv.MaxRecoverableLengthFromSignatureLength(signatureLength));
    DecodingResult result = pub.RecoverMessage(recovered, NULL, 0,
        signature, signatureLength);
    ASSERT(result.isValidCoding &&
           result.messageLength == messageLen &&
           memcmp(recovered, message, messageLen) == 0);

The problem is that the signature is as large as the key, 1024 bit.
For me --- and for you, it seems --- this is too big.

From reading Bellare-Rogaway (1996) about PSSR, it seems that "A fully
specified scheme would use about min{ k, n+k_0+k_1+16 } bits", where k
is the key size, k_0 & k_1 are hash sizes, and n is the message size.

So, the first thing I tried was to use a smaller key

    // Generate a 256-bit Rabin key and try to save it hex-encoded.
    RabinDecryptor priv(randPool, 256);
    HexEncoder privFile(new FileSink("rabi256.dat"));
    priv.DEREncode(privFile);
    privFile.MessageEnd();

but this fails to save the key because it ends up /not/ calling the
right DEREncode (namely Rabin::DEREncode, which has an implementation)
and I cannot figure out how (or whether?) to modify the inheritance of
(Invertible)RabinFunction to achieve this.  Something with
PKCS8PrivateKey/X509PublicKey?  Any help would be greatly appreciated.

Another way could be to use 32 bit hash functions, with which it in
theory should be possible to construct an n+80 bit scheme.  Or have I
misunderstood the PSSR paper?

Cheers,
-- 
Jens Peter Secher
_jpsecher get2net dk DD6A 05B0 174E BFB2 D4D9 B52E 0EE5 978A FE63 E8A1_
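
Added example (not part of the original post, and not Crypto++ code): the size estimate quoted above, turned into the number of A-Z/0-9 characters a customer would have to read out for each variant the post considers, with a fixed-width base-36 encoder and decoder for the signature bytes. The 32-bit serial payload n, the 160-bit output size assumed for SHA, and the 5-character grouping are assumptions made for illustration.

```python
ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # the A-Z, 0-9 set from the question

def pssr_bits(k, n, k0, k1):
    """Size estimate as quoted in the post: min{k, n + k0 + k1 + 16} bits."""
    return min(k, n + k0 + k1 + 16)

def serial_chars(bits):
    """Smallest number of base-36 characters that can carry any `bits`-bit value."""
    chars = 0
    while 36 ** chars < 2 ** bits:
        chars += 1
    return chars

def encode(sig, group=5):
    """Render signature bytes as fixed-width base-36 text in dash-separated groups."""
    width = serial_chars(8 * len(sig))
    value = int.from_bytes(sig, "big")
    digits = []
    for _ in range(width):
        value, rem = divmod(value, 36)
        digits.append(ALPHABET[rem])
    text = "".join(reversed(digits))
    return "-".join(text[i:i + group] for i in range(0, width, group))

def decode(text, length):
    """Inverse of encode(); raises ValueError/OverflowError on malformed input."""
    value = 0
    for ch in text.replace("-", "").upper():
        value = value * 36 + ALPHABET.index(ch)
    return value.to_bytes(length, "big")

def options(n=32):
    """Character cost of each variant in the post; n (serial payload bits) is assumed."""
    return {
        "1024-bit signature": serial_chars(1024),
        "256-bit key": serial_chars(pssr_bits(256, n, 160, 160)),
        "32-bit hashes (n+80)": serial_chars(pssr_bits(1024, n, 32, 32)),
    }

if __name__ == "__main__":
    for name, chars in options().items():
        print(f"{name:22s} {chars:3d} characters")
    sample = bytes(range(1, 15))   # constructed 112-bit stand-in, not a real signature
    print(encode(sample))
```

Character count is only one side of the trade-off: a shorter modulus is also cheaper to factor.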
