Re: Recipient-verifiable messages, was: forwarding an encrypted PGP message is useless

Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de> Sun, 26 May 2002 16:03 UTC

Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA25305 for <openpgp-archive@odin.ietf.org>; Sun, 26 May 2002 12:03:33 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id g4QFs1406246 for ietf-openpgp-bks; Sun, 26 May 2002 08:54:01 -0700 (PDT)
Received: from cdc-info.cdc.informatik.tu-darmstadt.de (cdc-info.cdc.informatik.tu-darmstadt.de [130.83.23.100]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4QFrxJ06242 for <ietf-openpgp@imc.org>; Sun, 26 May 2002 08:54:00 -0700 (PDT)
Received: from localhost (cdc-info [130.83.23.100]) by cdc-info.cdc.informatik.tu-darmstadt.de (Postfix) with SMTP id 800C62C93; Sun, 26 May 2002 17:53:59 +0200 (MET DST)
Received: id <m17C0Jw-000QdtC@epsilon>; Sun, 26 May 2002 17:52:36 +0200 (CEST)
Date: Sun, 26 May 2002 17:52:36 +0200
From: Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de>
To: ietf-openpgp@imc.org, Hal Finney <hal@finney.org>, adam@cypherspace.org
Subject: Re: Recipient-verifiable messages, was: forwarding an encrypted PGP message is useless
Message-ID: <20020526175235.A535@epsilon>
References: <200204181920.g3IJKei01453@finney.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Mailer: Mutt 1.0i
In-Reply-To: <no.id>; from bmoeller@hrzpub.tu-darmstadt.de on Sun, May 26, 2002 at 03:28:41PM +0000
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 8bit

On Sun, May 26, 2002 at 03:28:41PM +0000, Bodo Moeller wrote:
> Hal Finney <hal@finney.org>rg>:
>> Adam Back writes:

>>> we proposed:
>>>
>>> 	Encrypt_Bob(K), Encrypt(K, Sign_Alice(Hash(K||Bob_PK)), msg)

>> I see, that seems to work well too.  [...]

> Does it?  If Bob is willing to reveal  K  and additional data such as
> padding used for RSA encryption, can't everyone verify that this is
> indeed a valid signature by Alice on 'msg'?

Oops, I've been parsing the parentheses incorrectly.


-- 
Bodo Möller <moeller@cdc.informatik.tu-darmstadt.de>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036