Yes, Mohammed, I want to prevent the colisions. MD5 is not as resistant as SHA-1, while co-author of SHA-1 is NSA, so we are not 100% sure, if they have this alg. cracked, but is good rated anyway! Crypto++ contains 2 different types, i.e. RSA-ES for encryption and RSA-SS for signature. You say that I can use RSA-ES, that is intended for encryption and sign the combined hash using its private key? The truth is I am not sure how to do it...
Haytham Mohammed wrote: > > Hi Jakub > > What is your reference for this idea? (it is a creative one :) ) > I think it will be more secure since the collision resistance will be > increased. > > you are going to hash the message twice > 1-once with SHA and other with MD5 > 2-then concat the 2 hashes > 3-then encrypt the result from 2 using your private key (using RSA) > 4- the result from 3 is the signature :) > > Regards > Haytham Mohammed > > Jakub <[EMAIL PROTECTED]> wrote: > > Does anybody know, how to combine i.e. SHA + MD5 hashes in one signature > (i.e. RSA)? I know that there may be 2 separated signatures, but it should > be more secure and efficient having 2 hashes in one signature. > Thanks, Jakub > -- > View this message in context: > http://www.nabble.com/SHA-MD5-Combination-tf2192153.html#a6066434 > Sent from the Crypto++ forum at Nabble.com. > > > > > --------------------------------- > Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great > rates starting at 1¢/min. > -- View this message in context: http://www.nabble.com/SHA-MD5-Combination-tf2192153.html#a6179915 Sent from the Crypto++ forum at Nabble.com.
