On 01/10/15 13:08, Bob Henson wrote:
> If the program has been altered the signature will fail, will it not?

Well, first of all, a checksum is not a cryptographic hash. It has different properties: a checksum usually has no collision resistance. Which is why the designers of WEP should have never chosen CRC-32 to protect their data, especially since said data was encrypted with a stream cipher[1]. Anyway, it was not the most important shortcoming of WEP, so it doesn't truly matter ;).

And a signature by a key has a lot of extra information that simply putting a hash value on the website where you offer the download does not have. Just a hash value on the website does not tell me who calculated that hash value, and whether there is some MITM between me and the website.

Peter.

[1] Stream ciphers allow you to flip single bits in the plaintext. And when I flip a bit in a piece of data, I know exactly which bit I need to flip in the CRC-32 checksum to make the checksum correct again. So the CRC-32 was completely useless for protection against malicious bitflips in the plaintext it was supposed to protect.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
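
The CRC-32 property described in footnote [1] of the message above, shown next to a keyed MAC that does detect the change. This is an added example, not part of the original post; the SHAKE-256 keystream stands in for WEP's RC4, and all keys, names and payloads are constructed for illustration.

```python
import hashlib
import hmac
import zlib

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(key: bytes, n: int) -> bytes:
    # Stand-in stream cipher (assumption); a real design also needs a per-message nonce.
    return hashlib.shake_256(key).digest(n)

def crc(data: bytes) -> bytes:
    return zlib.crc32(data).to_bytes(4, "little")

def seal_crc(key: bytes, msg: bytes) -> bytes:
    # WEP-style frame: stream-encrypt msg || CRC-32(msg).
    plain = msg + crc(msg)
    return xor(plain, keystream(key, len(plain)))

def open_crc(key: bytes, frame: bytes):
    plain = xor(frame, keystream(key, len(frame)))
    msg, icv = plain[:-4], plain[-4:]
    return msg if crc(msg) == icv else None

def seal_hmac(key: bytes, mac_key: bytes, msg: bytes) -> bytes:
    # Encrypt-then-MAC: the tag covers the ciphertext and needs a secret key.
    ct = xor(msg, keystream(key, len(msg)))
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def open_hmac(key: bytes, mac_key: bytes, frame: bytes):
    ct, tag = frame[:-32], frame[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()):
        return None
    return xor(ct, keystream(key, len(ct)))

def flip_mask(length: int, bit: int) -> bytes:
    # CRC-32 is affine over GF(2): crc(m ^ d) = crc(m) ^ crc(d) ^ crc(zeros),
    # so the checksum change for a data-bit flip is computable without any key.
    d = bytearray(length)
    d[bit // 8] ^= 1 << (bit % 8)
    return bytes(d) + xor(crc(bytes(d)), crc(bytes(length)))

KEY, MAC_KEY = b"constructed cipher key", b"constructed mac key"
MSG = b"constructed sample payload"
MASK = flip_mask(len(MSG), 3)
TAMPERED_CRC = xor(seal_crc(KEY, MSG), MASK)  # still passes the CRC check
hmac_frame = seal_hmac(KEY, MAC_KEY, MSG)
TAMPERED_HMAC = xor(hmac_frame[:len(MSG)], MASK[:len(MSG)]) + hmac_frame[len(MSG):]
```

`open_crc(KEY, TAMPERED_CRC)` returns the altered payload as if it were valid, while `open_hmac(KEY, MAC_KEY, TAMPERED_HMAC)` returns `None`.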
