Mailing List Archive: Does it weaken a private key...

Does it weaken a private key...

Dec 5, 1998, 11:24 PM

Post #1 of 2 (204 views)

to sign many short messages? I have an application that signs
thousands of short, 40 byte messages. Would it be desirable to pad my
message length with more data?

I ask here because I'm planning to use gpg as the first signature
interface.

Re: Does it weaken a private key... [ In reply to ]

wk at isil

Dec 6, 1998, 10:23 AM

Post #2 of 2 (202 views)

Permalink

Oscar Levi <elf@buici.com> writes:

> to sign many short messages? I have an application that signs
> thousands of short, 40 byte messages. Would it be desirable to pad my
> message length with more data?

No. We do not sign the message but the hash of the message which is a
20 byte value. Only if the hash function is detected to be bad we
have problems - but everything relies on a good cryptographic hash
even the RNG uses the hash function to protect its internal state.

Werner