Subject: RE: [dss] EU Directive versus ABA "digest signatures"
I just started getting mail from this list today, so forgive me if I am taking this thread out of context, but the gist seems to be that of implementing a cryptographically secure database. We (I) have built such a system for internal use here at Microsoft. Issues of secrecy, integrity and non-repudiation were all solved, and I did use a non-addressable crypto module.

- Mark West
- Microsoft Corporation

-----Original Message-----
>I personally concur with the following point being made by John Messing:
>
>"The issue to my way of thinking is primarily one of security.
>Unencrypted hashes and audit records of authentication in a database
>require heightened database security to prevent alteration of the
>records, while encrypted hashes or digital signatures can take up a
>part of the security burden by virtue of protections provided to the
>private key"
>
>In addition an encrypted hash can be done by a relatively small bit of
>trusted code and done by a tamper proof hardware module (for example a
>FIP140-3 device). Hence by using encrypted hash it is simple for
>independent third parties to verify evidence.
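
The point quoted above, as an added example that is not part of the original thread: an audit row protected only by a stored hash is compared with one that also carries an "encrypted hash". Textbook RSA over SHA-256 with a constructed toy key stands in for the signing module; the record text, key and function names are all assumptions.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes: illustration only, not secure.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                     # public half: any third party can verify with (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))       # private half: would never leave the crypto module


def digest(record: str) -> int:
    """SHA-256 of the record as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(record.encode()).digest(), "big")


def sign(record: str) -> int:
    """'Encrypted hash': the digest raised to the private exponent (no padding)."""
    return pow(digest(record), D, N)


def make_row(record: str) -> dict:
    """Audit row as stored: the record, its plain hash, and its encrypted hash."""
    return {"record": record, "sha256": digest(record), "sig": sign(record)}


def verify_plain(row: dict) -> bool:
    """Integrity check that relies only on the unencrypted hash column."""
    return row["sha256"] == digest(row["record"])


def verify_signed(row: dict) -> bool:
    """Third-party check: needs only the public key, never D."""
    return pow(row["sig"], E, N) == digest(row["record"])


def alter_with_db_write_access(row: dict, new_record: str) -> dict:
    """Models an alteration by someone who can write to the table but has no
    access to D: the plain hash can be recomputed, the signature cannot."""
    return dict(row, record=new_record, sha256=digest(new_record))


def demo() -> dict:
    # Constructed sample audit record.
    row = make_row("alice authenticated; approved contract 17")
    altered = alter_with_db_write_access(row, "alice authenticated; approved contract 99")
    return {
        "original": (verify_plain(row), verify_signed(row)),
        "altered": (verify_plain(altered), verify_signed(altered)),
    }
```

The altered row still passes the plain-hash check and fails only the signature check. A production system would use a padded scheme such as RSA-PSS with the private key held in the hardware module.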