digest-algo SHA256, SHA-1 attacks
Peter Lebbing
peter at digitalbrains.com
Wed Nov 26 20:39:33 CET 2014
On 26/11/14 20:31, NdK wrote:
> Well, IIUC with rhash you're giving the attacker another means to tamper
> with your message. Unless 'r' is chosen deterministically.
'r' is randomly generated for each signature by the /signing/ party. So the
attacker loses control over the input to the hashing algorithm, and they no
longer can use collision attacks because they don't know the exact input to the
hashing algorithm.
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>