Some genuine crypto
Ian Batten
ukcrypto at chiark.greenend.org.uk
Tue, 1 Apr 2008 15:07:23 +0100
On 24 Mar 08, at 1428, Richard Clayton wrote:
>
> hashes will not demonstrate snooping
>
> if you're trying to show changes are being made, then hashes are fine
> for automated systems -- but a rubbish way of convincing a court
MACs would, as would RSA signatures.
An Apache output module could regularly insert <!--
VERIFICATION=1234>, where 1234 is a MAC, or an RSA signature over a
hash of the page up to that point. With a MAC, the sender of a page
could at a later point prove, without having to have retained a copy
of the page as it was originally sent, not merely that the page had
been fiddled with but the point (to within the resolution of the
frequency of verification tags) at which the fiddling starts. With a
signature, the website owner could publish (in the Times' classified
section, if necessary) the public key, and anyone accessing that site
could check the verifiers themselves.
ian