digest-algo SHA256, SHA-1 attacks
peter at digitalbrains.com
Wed Nov 26 20:39:33 CET 2014
On 26/11/14 20:31, NdK wrote:
> Well, IIUC with rhash you're giving the attacker another mean to tamper
> with your message. Unless 'r' is chosen deterministically.
'r' is randomly generated for each signature by the /signing/ party. So the
attacker loses control over the input to the hashing algorithm, and they no
longer can use collision attacks because they don't know the exact input to the
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users