On 10 Aug 2002, Eric Rescorla wrote:
It's generally a bad idea to sign RSA data directly. The RSA
primitive is actually quite fragile. At the very least you should
PKCS-1 pad the data.
-Ekr
This is true. Cyclopedia Cryptologia has a short article detailing
some of the attacks against direct
Eugen Leitl [EMAIL PROTECTED] writes:
1) What's the name of the technique of salting/padding an small integer
I'm signing with random data?
Blinding? Padding? It depends on what you are trying to accomplish.
2) If I'm signing above short (~1 kBit) sequences, can I sign them
Eugen Leitl asked:
1) What's the name of the technique of salting/padding an small integer
I'm signing with random data?
You shouldn't need to salt/pad with random data, fixed data should be
OK.
2) If I'm signing above short (~1 kBit) sequences, can I sign them
directly, or am I
Nomen Nescio [EMAIL PROTECTED] writes:
Derek Atkins replied:
It depends on the signature algorithm. With RSA you can sign any
message directly if said message is smaller than the public key size
(N). DSA, however, requires the use of a hash.
Actually, depending on the data being
