[Cryptography] Attaching the signing public key to data being signed
Salz, Rich
rsalz at akamai.com
Tue Feb 28 20:53:31 EST 2017
> My question is: would it help to also integrate the public key being used to
> produce the signature into the data being signed? Are there any attacks that
> this would help prevent? Has this construction been studied? Can anyone
> point me to a paper?
Yes it is worth doing this.
See eIDAS (EU signature regulations) and XaDES
--
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richsalz at jabber.at Twitter: RichSalz
More information about the cryptography
mailing list