Il 26/11/2014 20:15, Peter Lebbing ha scritto: > Has something like randomized hashing[2] been considered by the OpenPGP > standardization people? Well, IIUC with rhash you're giving the attacker another mean to tamper with your message. Unless 'r' is chosen deterministically. But then it can be predicted and could be accounted for... Maybe it could be more effective to use two different hash functions, one to generate 'r' and the other on the result?
BYtE, Diego _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
