-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Trevor,
Thanks for your comments. A couple of questions! Trevor Perrin <tr...@trevp.net> wrote: > On Wed, Dec 7, 2016 at 11:36 AM, Bjarni Runar Einarsson > <b...@pagekite.net> wrote: > > You're relying on a different property: An attacker given > (public key, message, signature) can't output a *different* key > pair with a public key that also verifies the message. Not "the message"... "all the messages." The threshold is trivially configurable. Does that change anything, or is it all the same? Or does nobody know since it hasn't been well studied? > But this is still a confused and risky use of signatures, IMO. I see. How would you recommend I determine whether the whole scheme is dangerous and should be abandoned, or if it's still better than the status quo? - Bjarni -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJYSJyRAAoJEI4ANxYAz5SRUIYIAJm2aWGiJEZV3rDzYaiY7rJ3 gg2HdHDOnL/cDlXIclRWcJ4BMgSvYve03R+6w/06tfcDLzClL/xzwFS3lqOBM5X2 fnEdNlikAK7o3ys9cwp95yK+f9NtLHGkAREBt/RIJa4O3fS18i0HlH75hoGvmSV3 TMHwzRn15a+o2Hy+6wnAglZpIhkL9D2YEmi0B6DMYRhnSsjJn+8Hmuhsr5E9x/nf xJCAwasGozNFJkVGrxVVFOE/GmuT25kYGF8iDJSmPh5e57HXyxjfhyNkrpAVwK0U I0IW5yP9KQUkxXpGdA+DMOCGReBdiy/+WBn4PuNZYtZKU1P4FtDxhOCYljTdeyg= =AGR2 -----END PGP SIGNATURE-----
_______________________________________________ Messaging mailing list Messaging@moderncrypto.org https://moderncrypto.org/mailman/listinfo/messaging
