RE: digested-data, surreptitious forwarding, D-H
2002-07-26 19:28:44
scratch question 3, this week has fried my brains more than I thought..
-----Original Message-----
From: Trevor Perrin [mailto:Tperrin(_at_)sigaba(_dot_)com]
Sent: Friday, July 26, 2002 2:32 PM
To: 'ietf-smime(_at_)imc(_dot_)org'
Subject: digested-data, surreptitious forwarding, D-H
With more diligence I probably could've answered these from
the archives.
But a few questions:
1) I'm surprised S/MIME doesn't use CMSs' digested-data with
enveloped-data.
In the case of encrypted but not signed mails, doesn't this leave the
message vulnerable to things like cut-and-paste attacks
(where an attacker
reorders ciphertext blocks, so upon decrypting the recipient
sees reordered
plaintext)?
2) At some point I thought there was an Internet-Draft for a signed
attribute to address Don Davis' surreptitious forwarding
concern. I don't
see it now. Has that been dropped, or has some other fix
been incorporated
somewhere?
3) I see that Diffie-Hellman key pairs can be encrypted to,
using either
static-static or ephemeral-static modes. It seems like a
Diffie-Hellman key
pair should be able to sign as well, using something like a
static-ephemeral
mode. Is there a cryptographic reason why this
can't/shouldn't be done, or
is it just incidental that it isn't supported?
The reason it seems like this might be useful is that Diffie-Hellman
agreement values can be cached, so a signer could perform
lots of signatures
efficiently with such a key pair, which could be useful for
something like a
DOMSEC gateway, which may have high volume mail flows and
large key pairs.
Trevor
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- digested-data, surreptitious forwarding, D-H, Trevor Perrin
- RE: digested-data, surreptitious forwarding, D-H,
Trevor Perrin <=
- Re: digested-data, surreptitious forwarding, D-H, Peter Gutmann
- RE: digested-data, surreptitious forwarding, D-H, Trevor Perrin
- RE: digested-data, surreptitious forwarding, D-H, Trevor Perrin
- RE: digested-data, surreptitious forwarding, D-H, Peter Gutmann
- RE: digested-data, surreptitious forwarding, D-H, Peter Gutmann
|
Previous by Date: |
digested-data, surreptitious forwarding, D-H, Trevor Perrin |
Next by Date: |
Re: digested-data, surreptitious forwarding, D-H, Peter Gutmann |
Previous by Thread: |
digested-data, surreptitious forwarding, D-H, Trevor Perrin |
Next by Thread: |
Re: digested-data, surreptitious forwarding, D-H, Peter Gutmann |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|