spf-discuss

RE: Attacking Domain Keys

2004-11-29 20:46:06
From: Hallam-Baker, Phillip
Sent: Monday, November 29, 2004 8:42 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] Attacking Domain Keys



As is the implementation of any other algorithm.  RSA
signature validation is a very CPU-intensive algorithm that
unfairly burdens the recipient. HMAC-SHA1 signatures are much
faster, and you can optimize both to your heart's content and
still come up with the same result.

How do trolls perform the necessary key distribution?

If you understood what HMAC is, then you would know why it is completely
impractical for this application: the authentication key must be shared
between sender and receiver.

I was not suggesting using an HMAC in DK or any other PK scheme, nor have I
ever.  As you are undoubtedly aware, there are other signature schemes
besides public key cryptography.  Some of them don't require key
distribution at all.  We have discussed it for a long time but I suppose you
missed it.  Please read the archives.

--

Seth Goodman
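
The key-sharing point raised in the thread, as an added example that is not part of the original messages: HMAC-SHA1 verification needs the same secret that produced the tag, so a receiver that can verify can also produce valid tags. The message contents, domain names and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA1 tag over the message, as a sender would attach it."""
    return hmac.new(key, message, hashlib.sha1).digest()


def verify(key: bytes, message: bytes, received_tag: bytes) -> bool:
    """Recompute the tag with the same secret and compare in constant time."""
    return hmac.compare_digest(tag(key, message), received_tag)


# Constructed sample messages (not from the thread).
GENUINE = b"From: alice@sender.example\r\nSubject: invoice\r\n\r\nPay 10 EUR.\r\n"
ALTERED = b"From: alice@sender.example\r\nSubject: invoice\r\n\r\nPay 9000 EUR.\r\n"


def shared_key_scenario():
    """One domain key given to every receiver so that each can verify."""
    domain_key = secrets.token_bytes(20)
    receiver_a_key = receiver_b_key = domain_key
    genuine_ok = verify(receiver_b_key, GENUINE, tag(domain_key, GENUINE))
    # Receiver A is only meant to verify, but verifying requires the signing
    # secret, so A can tag a message the sender never wrote and B accepts it.
    altered_tag = tag(receiver_a_key, ALTERED)
    altered_accepted = verify(receiver_b_key, ALTERED, altered_tag)
    return genuine_ok, altered_accepted


def per_receiver_scenario(receivers):
    """A separate key per receiver: a tag made with one receiver's key does
    not verify at another, but the sender must now provision and protect
    one secret per receiver, which is the key distribution problem."""
    keys = {r: secrets.token_bytes(20) for r in receivers}
    altered_tag = tag(keys[receivers[0]], ALTERED)
    cross_accepted = verify(keys[receivers[1]], ALTERED, altered_tag)
    return len(keys), cross_accepted
```
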

