have been able to separate a signed and encrypted message into a freestanding
verifiable clearsigned message
have put up the example here:
http://www.angelfire.com/pr/pgpf/sclsf.html
(the keys and messages are in 3des, idea is not necessary )
would like to ask:
[1] is there any way to distinguish the composite reconstruction forgery
from a 'real' de novo clearsigned message ?
[2] is there a difference between GnuPG and PGP in the way a message
is clearsigned, as opposed to signed and encrypted,
that might distinguish the forged composite, from a real clearsigned
message?
while the Davis paper describes separating and re-encrypting,
it doesn't deal with separating into a freestanding clearsigned message.
tia,
vedaal
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427