1

I have to generate a signature for concatenation of multiple independent values say A | B | C. Two options are :

  1. concatenate all attributes and generate the hash. Then Sign hash.

$$ signature = Sign\big(Hash(A\mathbin\| B \mathbin\| C)\big)$$

  1. Use hash of previous value along with current value to generate the hash. Sign the generated hash.

$$ signature = Sign\big(Hash\big(Hash\big(Hash(A)\mathbin\| B) \mathbin\| C)\big)\big)\big)$$

Analogous to taking two hashes of a value, option 2 seems cryptographically strong. Kindly help in picking right practice and why?

kelalaka
  • 48,443
  • 11
  • 116
  • 196
Genie
  • 83
  • 6
  • Not sure but i will choose the first one for performance reasons, in the case your system is high intense on CPU. In terms of crypto I think both are strong and safe. – camp0 Mar 18 '20 at 09:50
  • 1
    Just wondering, what prevents one from splitting one value into 3 and use the second approach? If Hash is SHA-1 then the 1. can be insecure as of 2020. – kelalaka Mar 18 '20 at 10:58

0 Answers0