-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
- ----- Original Message -----
From: "Michael Young" <mwy-opgp97(_at_)the-youngs(_dot_)org>
To: <ietf-openpgp(_at_)imc(_dot_)org>
Sent: Tuesday, October 16, 2001 11:29 AM
Subject: Re: separation of signed and encrypted messages
If you're willing to show the plaintext, why do you care about
protecting the session key? Are you reusing it? This might be an
issue for a PGPdisk, for example, where one symmetric key protects the
entire contents... you can't reveal+prove selected parts.
for an rsa key,
if one has the session key, ciphertext and plaintext,
and, at some point,
*if*
md5 is 'fully' broken,
would it not be possible to retrieve the secret key and passphrase?
vedaal
-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt http://www.ipgpp.com/
Comment: { Acts of Kindness better the World, and protect the Soul }
Comment: KeyID: 0x6A05A0B785306D25
Comment: Fingerprint: 96A6 5F71 1C43 8423 D9AE 02FD A711 97BA
iQEVAwUBO8xphmoFoLeFMG0lAQOeXgf+L0PAnxSnZ6NXzM9wfJN+4IquwhjMsJXQ
Y3Odn6TDcPTJY9CA8IHYNCoh59b0pAwwR4R9phmRaIbH45HmmKLTZBXei8UtI3Ok
J162JyJTcas8SMKkMNJTz5q1GJ3V+Ij8TevJAAWjYH1CL1zoZ/xIYfLauLP4HocB
rFhrQm/QvYYse+qbCEm+erkY5SlarmkG4w/GjRWQPkjASNzNX6xZBsywKuqTUcYi
+pI2el+JUSvVD9VHTHlMb7xE0Awfmp3c5v7OCKTrz6uaON7BN52MXRJlXZK8VAvT
5ee6wwyn5FoatHAjnf/Z/GAvcJQdLj8rYTF719BF4wLoi1wX0frNKA==
=FR1H
-----END PGP SIGNATURE-----