On Sun, 2005-08-14 at 14:24 +0100, Ben Laurie wrote:
Jeroen Massar wrote:
<SNIP>
* sign(encrypt(message))
<SNIP>
More importantly, perhaps, Krawczyk has shown that, in general, sign then encrypt is insecure.
Which exact paper do you mean?
Also note that when you say that that is insecure you are also saying that either/both the signing and/or the encryption are insecure in which case the solution to the problem should be sought in a different place...
-- >>>ApacheCon Europe<<< http://www.apachecon.com/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff