digest-algo SHA256, SHA-1 attacks

Peter Lebbing peter at digitalbrains.com
Wed Nov 26 20:39:33 CET 2014

On 26/11/14 20:31, NdK wrote:
> Well, IIUC with rhash you're giving the attacker another means to tamper
> with your message. Unless 'r' is chosen deterministically.

'r' is randomly generated for each signature by the /signing/ party. So the
attacker loses control over the input to the hashing algorithm, and they no
longer can use collision attacks because they don't know the exact input to the
hashing algorithm.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
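
The effect described in the reply above, as an added example that is not part of the original message or of GnuPG: a collision found offline against a known hash input stops working once the signer mixes a fresh random 'r' into the input. Assumptions: `toy_hash` is SHA-256 truncated to 24 bits so a collision can be found quickly, `rhash` prefixes 'r' to the message (the thread does not specify the construction), and HMAC stands in for a public-key signature.

```python
import hashlib
import hmac
import secrets

def toy_hash(data: bytes) -> bytes:
    # SHA-256 cut to 24 bits: a deliberately weak stand-in for a hash with
    # practical collisions, so the search below finishes in milliseconds.
    return hashlib.sha256(data).digest()[:3]

def find_collision():
    # Offline birthday search; possible only because the attacker knows the
    # exact bytes that will be fed to the hash.
    seen = {}
    i = 0
    while True:
        msg = b"constructed message %d" % i
        digest = toy_hash(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg
        i += 1

def rhash(r: bytes, message: bytes) -> bytes:
    # Assumed construction: the salt r is prefixed to the message.
    return toy_hash(r + message)

def sign_plain(key: bytes, message: bytes) -> bytes:
    # HMAC stands in for a public-key signature over the digest.
    return hmac.new(key, toy_hash(message), hashlib.sha256).digest()

def sign_randomized(key: bytes, message: bytes):
    r = secrets.token_bytes(16)  # fresh per signature, chosen by the signer
    tag = hmac.new(key, r + rhash(r, message), hashlib.sha256).digest()
    return r, tag  # r travels with the signature and is covered by it

def verify_randomized(key: bytes, message: bytes, r: bytes, tag: bytes) -> bool:
    expected = hmac.new(key, r + rhash(r, message), hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)

if __name__ == "__main__":
    key = secrets.token_bytes(32)
    m1, m2 = find_collision()
    print("plain signature transfers:", sign_plain(key, m1) == sign_plain(key, m2))
    r, tag = sign_randomized(key, m1)
    print("randomized, original verifies:", verify_randomized(key, m1, r, tag))
    print("randomized, colliding twin verifies:", verify_randomized(key, m2, r, tag))
```

With only 24 bits of digest the twin message can still collide under a given 'r' by chance (about 1 in 16 million); the point is that the attacker cannot arrange it in advance.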
