Re: URI Scheme for Crypto Hashes

On 1/9/12 10:54 PM, Peter Williams wrote:
> Fun variant is to use RSA signing as the "hash"
>
> Use the ANSI RSA variant, not PKCS. Then the bytes of the signature wrap the content string.
>
> Remember we can now do 2048-bit RSA pretty fast, revealing the URI within and authenticating in one go.
>
> One needs raw mode of RSA which will generally be verboten to consumers.
>
> One uses OAEP padding of the URI, to address adaptive cipher text vulnerabilities - against what would be publicly available cipher text.
>
> The public keys for verifying the "hash" and unwrapping OAEP (basically 2 round DES used as an HMAC) may or may not be published. They can be confidential.
>
> The output of one can be wrapped by another (of 16 bits larger modulus).
>
> Use the crypto. We are past the cold war, limiting RSA for signing and key transport.

Will look into that also.

Kingsley
>
> Sent from my iPhone
>
> On Jan 9, 2012, at 2:53 PM, "Kingsley Idehen" <kidehen@openlinksw.com> wrote:
>
>> All,
>>
>> FYI, please digest: http://tools.ietf.org/html/draft-hallambaker-digesturi-02 .
>>
>> -- 
>>
>> Regards,
>>
>> Kingsley Idehen
>> Founder & CEO
>> OpenLink Software
>> Company Web: http://www.openlinksw.com
>> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
>> Twitter/Identi.ca handle: @kidehen
>> Google+ Profile: https://plus.google.com/112399767740508618350/about
>> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>>
>


-- 

Regards,

Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Received on Tuesday, 10 January 2012 11:59:18 UTC