> > I would still recommend changing the Java code to use hashed signature. >
I'm just bike shedding and working in a vacuum, so forgive me if I'm missing something obvious (like the use case :). But I have to agree with Uri. Hashing a message before signing it is one of the earliest public key discoveries and attacks. Bernstein has a very good history on the subject at "RSA signatures and Rabin–Williams signatures: the state of the art", http://cr.yp.to/sigs/rwsota-20080131.pdf. My apologies if your problem domain takes you in another direction. -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
