William Allen Simpson wrote:
The notary would never sign a hash generated by
somebody else. Instead, the notary generates its
own document (from its own tuples), and signs its
own document, documenting that some other document
was submitted by some person before some
particular
Francois Grieu wrote:
That's because if Tn is known (including chosen) to some person,
then (due to the weakness in MD5 we are talking about), she can
generate Dp and Dp' such that
S( MD5(Tn || Dp || Cp || Cn) ) = S( MD5(Tn || Dp' || Cp || Cn) )
whatever Cp, Cn and S() are.
First of all, the
On 09 December 2007 06:16, Peter Gutmann wrote:
Reading through Secure Programming with Static Analysis, I noticed an
observation in the text that newer versions of gcc such as 3.4.4 and 4.1.2
treat the pattern:
memset(?, 0, ?)
differently from any other memset in that it's not
