|author||Jeff Burdges <email@example.com>||2016-03-20 14:44:36 +0000|
|committer||Jeff Burdges <firstname.lastname@example.org>||2016-03-20 14:44:36 +0000|
Implement a Full Domain Hash (FDH) for RSA signatures and blind signatures
This gives a measure of provable security to the Taler exchange/mint against hypothetical one-more forgery attacks. See: https://eprint.iacr.org/2001/002.pdf http://www.di.ens.fr/~pointche/Documents/Papers/2001_fcA.pdf We seed the FDH with the denomination keys as as a homage to RSA-PSS. This may slightly improves the exchanges's resistance to a violation of RSA-KTI and against insiders who can influence the choice of RSA keys but cannot actually exfiltrate them. Adopting FDH fixes a bug when using 512 bit RSA keys as well.
Diffstat (limited to 'src/pq/pq_query_helper.c')
0 files changed, 0 insertions, 0 deletions