Does it weaken a private key...

Werner Koch wk at
Sun Dec 6 18:23:53 CET 1998

Oscar Levi <elf at> writes:

> to sign many short messages?  I have an application that signs
> thousands of short, 40 byte messages.  Would it be desirable to pad my
> message length with more data?

No.  We do not sign the message but the hash of the message which is a
20 byte value.  Only if the hash function is detected to be bad we
have problems - but everything relies on a good cryptographic hash
even the RNG uses the hash function to protect its internal state.


More information about the Gnupg-devel mailing list