Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>And encryption is not a signature.

Encryption involves using signing key and universally uniquely identifying something.

That's exactly what it is. In fact encryption is even more secure than a normal written signature.

I can sign a piece of text put it here -- sign it with my private key -- put it on HN with my public key and everyone can be sure I wrote it.



Encryption usually involves a signing/authentification step to prevent certain crypto attacks, but in symmetric encryption schemes those only prove that the document hasn't been modified after encryption. You still create a different document, sign it with the same password, and nobody would be able to prove that that's not the original.

With asymetric encryption you have a sort of signature because only the sender has the encryption key, so forging somemthing that opens with the same decryption key is hard. But I have yet to see somebody encrypt pdfs with an asymetric method.


With "identity certificates" or "electronic IDs" used in parts of Europe, documents are indeed signed with asymmetric cryptography: a recipient of a document can't modify it and keep the signature valid.


> That's exactly what it is. In fact encryption is even more secure than a normal written signature.

No, certainly not.

The biggest issue is that you're conflating a human concept of a signature and the cryptographic one. This is obvious from your second paragraph.

> I can sign a piece of text put it here -- sign it with my private key -- put it on HN with my public key and everyone can be sure I wrote it.

Cryptographically maybe, legally no. We lack crucial information about who can use your keys, there's nothing that says you can't share a random keypair that has no legal backing. We also don't know if your keys are valid at all, maybe you're underaged? Do we know if your keys were valid during the time of signing, maybe you were underaged?

It's way more complex than Sign(text).


Are encrypted PDFs signed? AFAIK it's just symmetric encryption. You only need a password to decrypt, after all




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: