[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200502171057.28832.lionel.ferette@belnet.be>
From: lionel.ferette at belnet.be (Lionel Ferette)
Subject: In case y'all didn't catch it yet...
Hello Valdis,
On Wednesday 16 February 2005 19:08, you produced the following piece of
wisdom:
[SNIP]
> And if it's a crew with a 400K machine zombie net, 3 days. Maybe a week
> given that most of the boxes are consumer-grade machines.
>
> Consider it a "given" that there's at least one "somebody" *already*
> situated in that target space...
Granted. But what would those "somebody" find? Maybe it is possible to forge a
message that would have the same hash as another, given, message. What is the
probability of such a forged message to make any sense? More, to make any
sense in an "interesting" way for those "somebody"?
I fully agree that the basis for non-repudiation has been shaken: someone may
claim that (s)he did not sign a message, since it may be possible to forge.
But I won't lose sleep because of that.
Time to apply for those crypto research funds, though ;-)
Cheers,
Lionel
--
"To understand how progress failed to make our lives easier,
please press 3"
Lionel Ferette
BELNET CERT Coordinator
Tel: +32 2 7903385 http://cert.belnet.be/
Fax: +33 2 7903375 PGP Key Id: 0x5662FD4B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050217/60982d19/attachment.bin
Powered by blists - more mailing lists