| Implementing the Halevi-Krawczyk Randomized Hashing Scheme (2008) | |||||||||||||||
Abstract | |||||||||||||||
| The Halevi-Krawczyk randomized hashing scheme, also known as RMX, is designed to be used as a front-end to existing hash-then-sign signature schemes, such as RSA and DSS. RMX frees these signatures from their current vulnerability to off-line collision attacks on the underlying hash function, without changing the hash function or signature algorithm. In effect, RMX provides a hedge against collision attacks for both present and future hash functions. In this paper we study the feasibility of deploying RMX in existing applications. We describe an implementation of RMX in OpenSSL, in the Firefox browser, and in XML signatures. In all cases we show that the required code changes are only slightly more complex than accommodating a new (deterministic) hash function. These results suggest that RMX is practical, easy to implement, and can be deployed along with any new hash function. We hope that this paper will serve as a guide for implementing RMX in other systems such as S/MIME, code signing systems, and Java JCE. 1 | |||||||||||||||
Publication details | |||||||||||||||
| |||||||||||||||