Home page logo
/

basics logo Security Basics mailing list archives

Re: Signing before Encryption and Signing after Encryption
From: Greg Rubin <grrubin () gmail com>
Date: Thu, 23 Mar 2006 08:45:17 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
It verifies a different thing.  It doesn't verify that a specific
person signed it, just that a trusted person signed it.  If there are
only two people in the circuit, then I know that the other person must
have signed it if I didn't.  You also have to remember that you can't
verify this signature either if you don't have access to the secret key.

Greg Rubin

John Lightfoot wrote:
I don't understand how a signature can work with a shared key.  If
two people share a key, how can you tell which one of them signed
it?

-----Original Message----- From: Gregory Rubin
[mailto:grrubin () gmail com] Sent: Wednesday, March 22, 2006 12:55 PM
 To: Craig Wright Cc: gillettdavid () fhda edu; shyaam () gmail com;
security-basics () securityfocus com Subject: Re: Signing before
Encryption and Signing after Encryption

True.  Signatures don't really require asymmetric keys.  An example
of this is an HMAC and variants thereof.  Right now, I'm commonly
signing URLs using the following system (so I have no excuse for
forgetting it):

BaseUrl = http://www.foo.com/one/two?three=four Secret =
SharedSecret Signature = md5(Secret + BaseURL)

New URL = BaseURL + "&hash=" + Signature

Greg Rubin

On 3/21/06, Craig Wright <cwright () bdosyd com au> wrote:
Hello, Just to be difficult....

David stated "Signing requires a private key". This is correct
through feasibility, but it is not technically correct as there
are signature schemes that only require symmetric keys. Signing
with symmetric keys is a lot more complex and thus more prone to
error and has a range of key management issues. This does not
mean that it is not possible.

In fact there are scheme to sign a message using only Hashing
algorithms. The simplest of these is to hash the document and
keep a list of document hashes (similar to software). A user
could check the list to see if the message was valid or if
tampering had occurred. A third party could keep the hash tables
to ensure that the lists where accurate.

So signing does not require a private key - it just makes it
easier. Next it also depends on non-repudiation/repudiation
issues. It is easy to sign a document and have a verification
that it is unaltered but with no proof that the original signer
could not come back and accuse the receiver of forging the
document.

An example symmetric scheme could be:

Alice encrypts a message using a symmetric key known to Bob (and
Alice only) Alice hashes the encrypted message Alice encrypts the
(encrypted) message and hash using a symmetric key known to Jim
but unknown to Bob Bob receives the hashed and encrypted message.


If Bob alters the message - the hash will not work. Alice can not
lie as Jim has a copy. Key management is a bugger, but still
possible (though unlikely)

ANSI X9.17 Notarised Symmetric Keys may be used to sign.

Regards Craig S Wright

PS There are also hybrid ciphers for signing which are based on a
 combination of all the above - but this for another post


-----Original Message----- From: David Gillett
[mailto:gillettdavid () fhda edu] Sent: 22 March 2006 6:21 To:
shyaam () gmail com; security-basics () securityfocus com Subject: RE:
Signing before Encryption and Signing after Encryption

Signing requires a private key -- therefore, it *must* be
Asymmetric. Asymmetric is typically much slower than Symmetric,
so you get things like SSL that use Asymmetric to protect the
exchange of the Symmetric key used for actual payload encryption.


Signing after encryption allows the signature to be verified
before/without decrypting the payload.  There are a variety of
circumstances in which that could be useful, which are blocked if
the signing is done first.  I can't think of any where the
opposite is true.

David Gillett, CISSP


Liability limited by a scheme approved under Professional
Standards
Legislation in respect of matters arising within those States and
Territories of Australia where such legislation exists.
DISCLAIMER The information contained in this email and any
attachments is
confidential. If you are not the intended recipient, you must not
use or disclose the information. If you have received this email in
error, please inform us promptly by reply email or by telephoning
+61 2 9286 5555. Please delete the email and destroy any printed
copy.
Any views expressed in this message are those of the individual
sender.
You may not rely on this message as advice unless it has been
electronically signed by a Partner of BDO or it is subsequently
confirmed by letter or fax signed by a Partner of BDO.
BDO accepts no liability for any damage caused by this email or
its
attachments due to viruses, interference, interception, corruption
or unauthorised access.
----------------------------------------------------------------------
 ----- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec
management education and the case study affords you unmatched
consulting experience. Tailor your education to your own
professional goals with degree customizations including Emergency
Management, Business Continuity Planning, Computer Emergency
Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------
 -----



---------------------------------------------------------------------------
 EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The
Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
experience. Tailor your education to your own professional goals
with degree customizations including Emergency Management, Business
Continuity Planning, Computer Emergency Response Teams, and Digital
Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
iD8DBQFEItCc5KDU23nQpRcRAii3AKCj5dTICFvVFz2JKN1Ms2iGkg20JgCg1Zut
CJT6VINQ5BVQFuRldMgn+nc=
=Gy9O
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault