Home page logo

basics logo Security Basics mailing list archives

Re: Signing before Encryption and Signing after Encryption
From: "Gregory Rubin" <grrubin () gmail com>
Date: Wed, 22 Mar 2006 12:15:26 -0800

On 3/22/06, David Gillett <gillettdavid () fhda edu> wrote:
  Good points.

  If both asymmetric keys are used, the private key needs to be
used first (for the same reasons that signing should be done
first).  [Hmmm.  This only works if the encryption is NOT transitive,
ie F(k1,F(k2,t)) <> F(k2,F(k1,t)).  I don't recall seeing this
property discussed as a characteristic of encryption algorithms,
so I'm not sure whether it's taken for granted, or relatively

I've never heard of a modern "secure" encryption scheme that is also
transitive (with the sole, trivial, exception of one time XOR pads of
sufficient length).  If they were, then the following method could be
used to securely transmit messages.

Message = M
Alice encrypts the message with her key -> A(M) and sends it to Bob.
Bob encrypts the message with his key -> B(A(M)) and sends it back to Alice
Since the encryption is transitive, B(A(M)) == A(B(M)), so Alice
decrypts it and sends it back to Bob -> B(M)
Bob decrypts the message and reads the plaintext. M

While this is clearly impractical for large messages, it would seem to
be a simple way to achieve secure key-exchange over an insecure
network.  Definitely simpler than DH.

  If the signing is done over the whole message and not just the
hash, you no longer need to include the original text, so the
message size shrinks back to the original, not double.  (But
that's with the overhead of two asymmetric encryptions, so
you get to trade CPU load against message inflation.)

Ok, that's two obvious things that I missed today.  Clearly I need to
do more crypto.  I'm out of practice.

Greg Rubin

The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]