Isn't a problem with this that the private key can only be used to sign one
message as otherwise more intermediate values for different bit patterns are
revealed--and then I can forge all the downstream ones. In the extreme case, if
I have two messages where the digest differs in the first bit,
-Original Message-
From: cryptography [mailto:cryptography-boun...@randombit.net] On Behalf
Of Kevin W. Wall
Sent: Friday, April 11, 2014 00:20
To: Scott G. Kelly
Cc: Crypto discussion list
Subject: Re: [cryptography] question about heartbleed on Linux
On Thu, Apr 10, 2014 at
https://www.schneier.com/blog/archives/2013/10/insecurities_in.html#c1909001
-Original Message-
From: cryptography [mailto:cryptography-boun...@randombit.net] On Behalf
Of d...@deadhat.com
Sent: Monday, October 14, 2013 20:35
To: Cryptography List; cryptography@randombit.net
How do the does node A know node B's ID and that the ID is really the one of
the B he/she wants to communicate with? Isn't the ID really just the shared
secret (credentials) Ralph mentions in his question?
--Felix
From: cryptography [mailto:cryptography-boun...@randombit.net] On Behalf Of
-Original Message-
From: cryptography [mailto:cryptography-boun...@randombit.net] On Behalf
Of ianG
Sent: Saturday, March 09, 2013 05:07
To: cryptography@randombit.net
Subject: Re: [cryptography] side channel analysis on phones
Sure. RSA signing is the algorithm. The side
-Original Message-
From: coderman [mailto:coder...@gmail.com]
Sent: Tuesday, April 03, 2012 15:23
To: Wyss, Felix
Cc: ianG; cryptography@randombit.net
Subject: Re: [cryptography] Combined cipher modes
On Tue, Apr 3, 2012 at 12:02 PM, Wyss, Felix felix.w...@inin.com wrote