[plug] Encryption
Christian
christian at global.net.au
Sun Aug 29 09:43:21 WST 1999
Bret Busby wrote:
>
> Since someone on the mailing list appears to make a point in their messages, of
> saying that they are encrypted (? I can read them, without decryption?), I
> thought the following may interest some. Whilst I do not know how many bits of
> encryption the standard uses (it may be the 40, 56 or 128 bit level), it shows
> that breaking encryption can be done. And, whilst it used a supercomputer, I
> understand that Beowulf on a cluster of Linux boxes can be similarly powerful.
I think the person's (Jeremy?) messages are PGP signed, ie a digital
signature, and not actually encrypted as such. A hash (such as MD5 or
SHA1) is taken of the message and then encrypted with that person's
private key (likely using RSA) and the result is appended to the
message. If you wanted to verify the authenticity of the message you
would decrypt the appended hash with that person's public key and
recalculate the hash of the message and compare the two. If they
matched then you could be (pretty) sure that the message came from them
since no one else would know their private key.
Speaking of which... does anyone know or has tried to get Netscape
Messenger to use some external program (like GPG) to sign messages? Is
it possible?
Regards,
Christian.
--
What if there were no hypothetical questions?
More information about the plug
mailing list