summaryrefslogtreecommitdiff
path: root/src/pq/pq_query_helper.c
diff options
context:
space:
mode:
authorJeff Burdges <burdges@gnunet.org>2016-03-20 14:44:36 +0000
committerJeff Burdges <burdges@gnunet.org>2016-03-20 14:44:36 +0000
commit60de5f48cbfc3868570284e91415ca7e06c390e1 (patch)
tree3e75dfd8c6a3400b1641655d0e96104420535d42 /src/pq/pq_query_helper.c
parent157f9a2bc96a0b1594effe78158894e59e03a033 (diff)
Implement a Full Domain Hash (FDH) for RSA signatures and blind signatures
This gives a measure of provable security to the Taler exchange/mint against hypothetical one-more forgery attacks. See: https://eprint.iacr.org/2001/002.pdf http://www.di.ens.fr/~pointche/Documents/Papers/2001_fcA.pdf We seed the FDH with the denomination keys as as a homage to RSA-PSS. This may slightly improves the exchanges's resistance to a violation of RSA-KTI and against insiders who can influence the choice of RSA keys but cannot actually exfiltrate them. Adopting FDH fixes a bug when using 512 bit RSA keys as well.
Diffstat (limited to 'src/pq/pq_query_helper.c')
0 files changed, 0 insertions, 0 deletions