Hello, On Tue, 2003-06-24 at 09:31, Roddi wrote: > Hi, > > I have some difficulties for choosing the right algorithm for the > following problem [snip] > Is there a public-key algorithm that can sign with a signature length > of 128bit (or preferably even shorter) and that would still be secure?
I think that most algorithms will sign some type of digest of the message, like an MD5. MD5 is a 128 bit hash, while SHA-1 is a 160 bit hash so the question is can the signature ever be of equal length or shorter than the data it has signed? If not, are there any algos that sign something shorter? I dunno, someone else on the list will have to answer these. Perhaps if you use some alternate means - e.g. postal delivery of floppies or CD - you can avoid compromising your entire system for the few users without connectivity. I am curious about this: > 5. the software checks the signature with the public key and refuses to > run if the signature if not valid We've been thinking of a somewhat similar procedure but the question is "how do you protect the public key?". How are you doing it? Regards, -- Pat Deegan, http://www.psychogenic.com/ PGP: http://www.keyserver.net 0x03F86A50
