[Cryptography Team] Re: KryptOn MakoEnvelope
signedAndSealedFrom:to:object:
Cees De Groot
cdegroot at gmail.com
Wed Jan 11 10:05:03 CET 2006
> > With specific reference to a Mako signed-sealed
> > envelope, probably the
> > best thing to do is to perform the public-key
> > signing operation on the
> > original data,
Err... recalling vaguely from memory - wasn't signing plaintext a big
no-no? There were some attacks on RSA that based on feeding a signer
plaintexts (or is my memory leaving me here?)...
I always sign hashes...
More information about the Cryptography
mailing list