[11438] in cryptography@c2.net mail archive
Re: adding noise blob to data before signing
daemon@ATHENA.MIT.EDU (Derek Atkins)
Sat Aug 10 13:10:44 2002
To: Eugen Leitl <eugen@leitl.org>
Cc: Cryptography List <cryptography@wasabisystems.com>
From: Derek Atkins <derek@ihtfp.com>
Date: 10 Aug 2002 12:49:40 -0400
In-Reply-To: <Pine.LNX.4.33.0208101159440.2267-100000@hydrogen.leitl.org>
Eugen Leitl <eugen@leitl.org> writes:
> 1) What's the name of the technique of salting/padding an small integer
> I'm signing with random data?
Blinding? Padding? It depends on what you are trying to accomplish.
> 2) If I'm signing above short (~1 kBit) sequences, can I sign them
> directly, or am I supposed to hash them first? (i.e. does a presence
> of an essentially fixed field weaken the signature)
It depends on the signature algorithm. With RSA you can sign any
message "directly" if said message is smaller than the public key size
(N). DSA, however, requires the use of a hash.
Note that, in the grand scheme of things, performing the public key
operation is significantly slower than performing the hash, so it
really doesn't hurt you computationally to perform the hash. OTOH,
your signature strength still depends on the strength of your hash.
-derek
--
Derek Atkins
Computer and Internet Security Consultant
derek@ihtfp.com www.ihtfp.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
