On Wed, 2004-02-25 at 13:22 -0500, Meng Weng Wong wrote:
Rolling checksums are a good heuristic answer to the problem, but in
general, sender authentication represents a paradigm shift away from
heuristics toward black and white answers.
We want a world where either the sender is forged or it's not; either
it's accredited or it's not; either it's reputable or it's not. We're
trying to shift the uncertainty from the authentication space into the
reputation space where it belongs.
The rolling checksum serves only to locate the original text within the
received text. There exists a strong cryptographic signature of that
same text, which can be verified once you've _found_ it. The only reason
for the cheap checksum is because verifying a strong signature of 50
lines of text over and over again till you find the _right_ 50 lines is
expensive. The checksum location is cheap.
You get a _guarantee_ that it was signed by the key in question, and you
have the choice of stripping the added noise, displaying it in a
different colour, or whatever you want.
--
dwmw2