I'm just trying to understand how a Weak/broken hash can break RSA-PSS or any other signature/encryption that uses it. I know you can forge another message that has the same hash but that message probably doesn't mean anything, sending random numbers isn't really worth the trouble.
Asked
Active
Viewed 213 times
1
-
Welcome to Cryptography. If you are interested in Weak/broken hash function that can cause a break in RSA-PSS then it is a fine question, if you asking for any other signature/encryption then it is a broad question. This seems like a survey task, is it? – kelalaka Jun 07 '20 at 16:31
-
Also, which version What is the difference between RSASSA-PSS signing and RSA-PSS signing? – kelalaka Jun 07 '20 at 16:39
-
1"I know you can forge another message that has the same hash but that message probably doesn't mean anything"; actually, if the hash is vulnerable to a chosen prefix collision attack (which would include MD5 and SHA1), then the prefix of both messages can be perfectly legitimate; there will be some segment of data which is likely random looking (the part that the attack selects); however depending on the format the data is in, that might be unremarkable. – poncho Jun 07 '20 at 18:11
-
I'm interested in RSA-PSS and why a hash function works and why it's necessary for it to be collision resistant. how can a hacker for example exploit such weakness? like hashing with an MD5 or any other weak one like a hash function where H(2M)=4H(M) – Ahmad Wahbi Jun 08 '20 at 12:03