Cryptology ePrint Archive: Report 2007/238
Long-lived digital integrity using short-lived hash functions
Abstract: New collision-finding attacks on widely used cryptographic hash functions raise questions about systems that depend on certain properties of these functions for their security. Even after new and presumably better hash functions are deployed, users may have digital signatures and digital time-stamp certificates that were computed with recently deprecated hash functions. Is there any way to use a new and currently unassailable hash function to buttress the security of an old signature or time-stamp certificate?
The main purpose of this note is to remind the technical community of a simple solution to this problem that was published more than a decade ago.
Category / Keywords: implementation / hash functions, digital signatures
Publication Info: Presented at NIST's Second Cryptographic Hash Workshop, August 2006.
Date: received 15 Jun 2007
Contact author: stuart haber at acm org
Available format(s): PDF | BibTeX Citation
Note: Also available as HP Labs Technical Report no. HPL-2007-58.
Version: 20070619:195921 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]