On Wed, Oct 03, 2007 at 10:40:28PM +0200, G?bri M?t? wrote:
Perhaps off-topic, but do consider improving your signal-to-noise ratio;
I count one useful, albeit misspelled, line - remove the (non-delimited)
sig, broken PGP signature, and useless cruft from replied messages.
What you want to do is a lot more complicated. The easiest solution I
can think of is chaining. For instance, given data_1, data_2, ...,
data_n which must be signed on date_1, date_2, ..., date_n, define
hash_0 = SOME_VALUE
hash_i+1 = f(hash_i ++ data_i+1 ++ date_i+1)
Here, f() is a hash function, for instance RIPEMD-160 or SHA2-256, and
++ denotes some mixing operation (XOR might be a good bet).
Suppose you provide someone with frequent values of hash_i. If you later
make a false claim about either data_j or date_j, and the other person
has hash_i, hash_k, data_1, ..., data_k, and date_i, ..., date_k,, where
i < j <= k, then you would be quickly found out.
Of course, more sophisticated algorithms can do the same thing, but
without revealing quite this much. Go read a good book; Practical
Cryptography provides a good overview.
Joachim
Disclaimer: I am not a cryptographer, crypto is hard, and I'm tired. So
no guarantees that the above actually works.
--
PotD: x11/matchbox/matchbox-window-manager - window manager with a
classic pda management policy
