|
|
|
|
|
Submitted by pcw on Tue, 12/02/2008 - 23:48.
|
Earn beer money! If you spot an error, send it my way. Each technical error earns $5. Grammar errors may earn an award, but they're harder to define and so I'm not making guarantees. I reserve the right to decide what constitutes an error and the right to award multiple prizes in the case of a tie.
Thanks to: John Viega.
|
Omissions and Errors:
Page
|
Old
|
New
|
Fixed in version
|
vii
|
http://www.wayner.org/books/pogs/
|
http:/www.wayner.org/books/pog/
|
1.01
|
10
|
Hash functions are pure blenders that accept a file
|
Hash functions are pure blenders that accept a string of bits
|
1.01
|
10
|
.. are MD5 and its newer cousin the Secure Hash Algorithm
|
... are MD5 and it's newer and stronger cousin, the Secure Hash Algorithm
|
1.01
|
11
|
...The nature of hash functions means that only someone who knows this can generate this value. It should be practically impossible to start with $h(key| file)$ and the file itself and find the value of the $key$.
|
It should be practically impossible to start with $h(key| file)$ and the file itself and find the value of the $key$. In many simple cases, it should also be practically impossible to create a value of $h(key,file)$ without knowing $key$. A more sophisticated protocol known as HMAC offers more strength.
|
1.01
|
11
|
Some avoid this
problem by applying the DES algorithm two or three
times with different keys effectively doubling or
tripling the size of the key.
|
Some avoid this
problem by applying the DES algorithm three
times with different keys effectively
tripling the size of the key.
|
1.01
|
12
|
In simple cases when public key algorithms like RSA are used, digital signatures will be denoted as $f_d(x)$ where $d$ is the decryption key which is normally kept private. If hash functions are used, the digital signature will be denoted as $h(key,x)$ where the value of $key$ must be known to compute it.
|
In simple cases when public key algorithms like RSA are used, digital signatures will be denoted as $f_d(x)$ where $d$ is the decryption key which is normally kept private. This privacy offers a degree of \newterm{non-reputability}, a term that means that it's difficult for someone to deny signing a document. If hash functions are used, the digital signature will be denoted as $h(key,x)$ where the value of $key$ must be known to compute it. Both the signer and the verifier must know the same value of $key$ preventing any non-repudiation.
|
1.01
|
18
|
If you need more understanding,
please consult the basic references like the {\em Handbook of Applied Cryptography} .
|
If you need more understanding,
please consult the basic references like the {\em Handbook of Applied Cryptography} or {\em Modern Cryptography}.
|
1.01
|
|
|
|
|
|
|
|
|
|
|
|
|
