Strengthening Digital Signatures via Randomized Hashing
draft-irtf-cfrg-rhash-01

Document Type: Expired Internet-Draft (cfrg RG)
Last updated: 2007-10-23
Stream: IRTF
Intended RFC status: (None)
Stream IRTF state: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned
IESG state: Expired
Telechat date:
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-irtf-cfrg-rhash-01.txt

Abstract

This document describes a randomized hashing scheme consisting of a simple message randomization transform that, when used as a front end to regular hash-then-sign signature schemes such as RSA and DSS, frees these signatures from their current vulnerability to off-line collision attacks against the underlying hash function. The proposed mechanism can work with any hash function as-is and requires no change to the underlying signature algorithm. Incorporating this mechanism into existing applications requires changes that are comparable in complexity to accommodating a new (deterministic) hash function such as SHA-256. Visit http://www.ee.technion.ac.il/~hugo/rhash/ for more information and updates on this work.

Authors

Shai Halevi (shaih@alum.mit.edu)
Hugo Krawczyk (hugo@ee.technion.ac.il)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)