David Wagner (daw@CS.Berkeley.EDU)
29 Mar 1999 13:11:54 -0800
In article <199903180341.EAA17194@mail.replay.com>,
Anonymous <nobody@replay.com> wrote:
> David Wagner writes:
>
> > Does this argument imply that every symmetrically-keyed MAC is a "public
> > key digital signature"? After all, thanks to the theory of zero-knowledge
> > proofs, every MAC scheme has an "efficient" confirmation protocol.
> > (Many of them may actually be efficient in real life, too, as witnessed
> > by Hal Finney's work on SHA-1.)
>
> What would be the public key, though?
Any other known-valid (plaintext, MAC) pair, I suppose...
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:50