--
Stefan Lucks (moved to Bauhaus-University Weimar, Germany)
Stefan.Lucks(at)medien.uni-weimar.de
-- I love the taste of Cryptanalysis in the morning! --
-
The Cryptography Mailing
),
...
H(P_L,J,P_L,P_1,J,P_1, ..., P_{L-1},J,P_{L-1})
)
Would that be OK for you application?
In any case, I think that using a 160-bit hash function as a building
block for a universal one-way function with (potentially) much more than
160-bit of entropy is a bit shaky.
--
Stefan
to demonstrate how serious hash function collisions should be
taken -- even for people without much technical background. And to help
you, to explain these issues
- to your boss or your management,
- to your customers,
- to your children ...
Have fun
Stefan
--
Stefan Lucks Th
in the case of TCPA.
As I wrote in my response to Carl Ellison's response, one of the main
advantages of the Chaum/Pedersen style approach is a clear separation of
duties. The TCPA misses this separation, and this is a sign of bad
security design.
--
Stefan Lucks Th. Informatik, Univ. Mannheim