Bitcoin Forum
December 06, 2016, 09:51:02 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Single address accounts  (Read 1796 times)
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
July 11, 2011, 07:25:06 PM
 #21

on a busy SSL server, things gets signed and encrypted, 1000 times per second. with the same 1024/2048 bit key. they are not broken (yet).

Dude.  SSL never encrypts anything with the server's private key.  Never.
partly true.

but it is used(to sign) in the key-exchange protocol, to prevent a 3. party for modifying the protocol messages.

No, it isn't.  In SSL, the client encrypts the premaster secret (a number used to derive the symmetric session key) using the server's public key.  The server decrypts it using the private key.  At no time does the server ever emit anything directly derived from its private key.

SSL uses symmetric encryption for the payload.  PKC is only used to securely exchange that session key, and the entire exchange protocol was designed to protect the server's private key from re-use.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
1481061062
Hero Member
*
Offline Offline

Posts: 1481061062

View Profile Personal Message (Offline)

Ignore
1481061062
Reply with quote  #2

1481061062
Report to moderator
1481061062
Hero Member
*
Offline Offline

Posts: 1481061062

View Profile Personal Message (Offline)

Ignore
1481061062
Reply with quote  #2

1481061062
Report to moderator
1481061062
Hero Member
*
Offline Offline

Posts: 1481061062

View Profile Personal Message (Offline)

Ignore
1481061062
Reply with quote  #2

1481061062
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481061062
Hero Member
*
Offline Offline

Posts: 1481061062

View Profile Personal Message (Offline)

Ignore
1481061062
Reply with quote  #2

1481061062
Report to moderator
1481061062
Hero Member
*
Offline Offline

Posts: 1481061062

View Profile Personal Message (Offline)

Ignore
1481061062
Reply with quote  #2

1481061062
Report to moderator
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 11, 2011, 07:27:37 PM
 #22

How about this then: In SSL, the server's private key is not used for encryption, nor for hashing, nor for any other operation, cryptographic or otherwise, of anything that is released to any other party.
LOL! TROLL!

then what is it used for, please enlighten us with your superior knowledge.

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
July 11, 2011, 07:31:29 PM
 #23

How about this then: In SSL, the server's private key is not used for encryption, nor for hashing, nor for any other operation, cryptographic or otherwise, of anything that is released to any other party.
LOL! TROLL!

then what is it used for, please enlighten us with your superior knowledge.

Already answered in the post just above yours.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 11, 2011, 07:43:32 PM
 #24

on a busy SSL server, things gets signed and encrypted, 1000 times per second. with the same 1024/2048 bit key. they are not broken (yet).

Dude.  SSL never encrypts anything with the server's private key.  Never.
partly true.

but it is used(to sign) in the key-exchange protocol, to prevent a 3. party for modifying the protocol messages.

No, it isn't.  In SSL, the client encrypts the premaster secret (a number used to derive the symmetric session key) using the server's public key.  The server decrypts it using the private key.  At no time does the server ever emit anything directly derived from its private key.

SSL uses symmetric encryption for the payload.  PKC is only used to securely exchange that session key, and the entire exchange protocol was designed to protect the server's private key from re-use.
the client can often force a DH key-agreement to happen. it requires the server to sign with the private key.

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
July 11, 2011, 08:07:41 PM
 #25

the client can often force a DH key-agreement to happen. it requires the server to sign with the private key.

Reference?

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 11, 2011, 08:17:32 PM
 #26

the client can often force a DH key-agreement to happen. it requires the server to sign with the private key.

Reference?
http://www.ietf.org/rfc/rfc5246.txt

p. 91-92
F.1.1.3.  Diffie-Hellman Key Exchange with Authentication

Quote
When Diffie-Hellman key exchange is used, the server can either
supply a certificate containing fixed Diffie-Hellman parameters or
use the server key exchange message to send a set of temporary
Diffie-Hellman parameters signed with a DSA or RSA certificate.

also every certificate is signed by an CA.

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
kjj
Legendary
*
Offline Offline

Activity: 1302



View Profile
July 11, 2011, 08:42:46 PM
 #27

the client can often force a DH key-agreement to happen. it requires the server to sign with the private key.

Reference?
http://www.ietf.org/rfc/rfc5246.txt

p. 91-92
F.1.1.3.  Diffie-Hellman Key Exchange with Authentication

Quote
When Diffie-Hellman key exchange is used, the server can either
supply a certificate containing fixed Diffie-Hellman parameters or
use the server key exchange message to send a set of temporary
Diffie-Hellman parameters signed with a DSA or RSA certificate.

also every certificate is signed by an CA.

I stand corrected.  SSL implementations that ignore all the SHOULDs and warnings in that section do actually have the option to use their private keys directly.

p2pcoin: a USB/CD/PXE p2pool miner - 1N8ZXx2cuMzqBYSK72X4DAy1UdDbZQNPLf - todo
I routinely ignore posters with paid advertising in their sigs.  You should too.
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 11, 2011, 09:01:05 PM
 #28

the client can often force a DH key-agreement to happen. it requires the server to sign with the private key.

Reference?
http://www.ietf.org/rfc/rfc5246.txt

p. 91-92
F.1.1.3.  Diffie-Hellman Key Exchange with Authentication

Quote
When Diffie-Hellman key exchange is used, the server can either
supply a certificate containing fixed Diffie-Hellman parameters or
use the server key exchange message to send a set of temporary
Diffie-Hellman parameters signed with a DSA or RSA certificate.

also every certificate is signed by an CA.

I stand corrected.  SSL implementations that ignore all the SHOULDs and warnings in that section do actually have the option to use their private keys directly.
apache has it enabled by default.
it only requiers the client to only allows DH in the ClientHello message, and the server supports DH.

anyway it does not matter. signatures are useless for the propose of getting information about the private key.
signatures only gives proof that the other party have access the the private key.

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
ampkZjWDQcqT
Member
**
Offline Offline

Activity: 70


GNU is not UNIX


View Profile
July 11, 2011, 09:46:30 PM
 #29

[...]

How about this then: In SSL, the server's private key is not used for encryption, nor for hashing, nor for any other operation, cryptographic or otherwise, of anything that is released to any other party.

If not to perform cryptographic operations, what do you think it's the purpose of a cryptographic key?.

If you found my comment useful please express your gratitude by doing an action of similar magnitude towards a better society. Thanks you!.
kokjo
Legendary
*
Offline Offline

Activity: 1050

You are WRONG!


View Profile
July 11, 2011, 09:57:39 PM
 #30

[...]

How about this then: In SSL, the server's private key is not used for encryption, nor for hashing, nor for any other operation, cryptographic or otherwise, of anything that is released to any other party.

If not to perform cryptographic operations, what do you think it's the purpose of a cryptographic key?.

hey! don't step on him!

he said:
client gets the server cert.
the client encrypts a random key he/she choses, with the public key from the cert.
and sends it to the server.

the server decryptes the random key
the server responses with an encrypted message, to proof that he/she knows the private key.

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!