|
![](/i/fill.gif) |
On 5/6/2011 1:12, Invisible wrote:
> This is true of algorithms like RSA. However, there are algorithms where the
> encryption and decryption keys are actually in different formats, and it is
> only possible to encrypt with the designated encryption key.
There are also algorithms where any of many signatures can be generated (not
under control of the person doing the signing), and they can be checked.
This lets you build a signature algorithm that can't be used for encryption.
> In this instance, we're only trying to establish a secure channel.
Then you don't need a certificate at all, so there's no need for both sides
to have a private key.
> You understand that in principle, it is *always* possible to compute the
> private key from the public one, right?
No. It may be possible to describe how to perform that calculation, but it's
trivial to make the possibility of stumbling across the right private key
arbitrarily small.
> AES exists for a reason. Triple DES is subject to meet-in-the-middle
Triple-DES is useful only to those who have DES hardware ubiquitous in their
infrastructure.
--
Darren New, San Diego CA, USA (PST)
"Coding without comments is like
driving without turn signals."
Post a reply to this message
|
![](/i/fill.gif) |