Transcript Hash Transition Updates Jim Schaad Soaring Hawk Consulting

Hash Transition Updates
Jim Schaad
Soaring Hawk Consulting
ESSCertID
• Currently
– SHA-1 HASH of entire certificate
– Optional issuer and serial number of cert
• Proposed Update
– HASH of entire certificate
– Hash identifier of entire certificate
– Optional issuer and serial number of cert
Parallel Signing Indicator
• Problem Statement
– Alice signs using both SHA-1 and SHA-256
– Mallory removes the SHA-256 signature and
“successfully” attacks SHA-1
– Bob can do SHA-256, but does not know that
the parallel signature has been removed
Solution
• New signed attribute signaling that
multiple signatures were applied
• Must be computable BEFORE any
signatures are applied
• Must contain enough information to
identify back to signatures in some fashion
Possible Data
• Body Digest algorithm
• Signature algorithm
• Identification of public key used for
signature
Questions