Greets, On Tue, 2003-06-24 at 11:26, Ruotger Skupin wrote: > Well I'm not sure whether the whole serial#-fingerprint combo is signed > or a hash of it. (I didn't write the code) Are there any security risks > if I do not use a hash?
I don't believe so - I think that in most circumstances, you sign a digest because signing the entire message would be slow and it's quicker to pass the data through a one way hash and then sign that hash. In your case, this may not even be true. > > We've been thinking of a somewhat similar procedure but the > > question is "how do you protect the public key?". How are you doing > > it? > Well, to be honest, I don't understand the question. As far as I > understand the matter, the cool thing about public key cryptography is > that you cannot derive the private key from the public key, even if > have the plain text *and* the cipher text. Correct me if I'm wrong! I don't mean "how do you keep the public key secret". I mean, how do you keep the user from changing the public key for one from their own generated keypair, thereby allowing them to sign whatever they like and bypass your security. We've been thinking of various obfuscation techniques to keep the public key hidden but I'm wondering if there's some better way we haven't figured out. Regards, -- Pat Deegan, http://www.psychogenic.com/ PGP: http://www.keyserver.net 0x03F86A50
