Combined Signature and Encryption Schemes.
- From: fabrice.gautier@xxxxxxxxx
- Date: 1 Nov 2006 14:08:52 -0800
So, lets say I want to create a secure messaging system based on public
key crypto. I start with something like PGP. Peoples may or not have a
Key Pair, so there are 4 ways to send a message:
1) Not signed, Not encrypted (neither sender or recipient has keys)
2) Signed, Not encrypted (recipient doesnt have key)
3) Not Signed, Encrypted (sender doesnt have key)
4) Signed, Encrypted (both have keys)
So now, I decide I'm going to have an Signature Scheme, and an
Encryption Scheme. For now those are independant Schemes.
My Signature Scheme is basically going to be a Hash on the Plaintext,
and then a signature primitive, such as RSA or ECDSA, on this hash.
Now I want my Encryption Scheme to be safe against Chosen Ciphertext
Attacks, so it includes a MAC on the Ciphertext.
So now basically I have three operations that operate on the full
message data:
1) A Hash on the Plaintext
2) A block cipher on the Plaintext, this gives me the CipherText
3) A Mac on the Ciphertext
So I'm wondering if it is possible to optimize this so that I only need
2 passes on the full data ? In particular I'm thinking there might be a
way to combine the Signature and Encryption schemes to achieve this.
Thanks
.
- Follow-Ups:
- Re: Combined Signature and Encryption Schemes.
- From: Joseph Ashwood
- Re: Combined Signature and Encryption Schemes.
- Prev by Date: Re: MD5 for passwords
- Next by Date: Re: Securing ARC4
- Previous by thread: How hard is it to break a ECDSA 49-bit prime field digital signature?
- Next by thread: Re: Combined Signature and Encryption Schemes.
- Index(es):
Relevant Pages
|
Loading
