Security problems of signing lots of small data chunks

I want to sign huge numbers of small data chunks (hashes, e.g. SHA) using asymmetric key algorithms (preferably RSA with GPG) and make the signed files publicly available.

Does this in any way bring security problems, like making my private key easier to calculate?

If so, what ways are there to prevent this?


As an example what this should be used for: file time stamp signing, to sign the fact that a certain file existed at a given time. As bandwidth is limited, only the hash shall be sent to the signing server, which signs the hash with the date appended and returns the signature.


It shouldn't make your key easier to guess, although there are attacks against certain algorithms that allow iteratively chosen plain text to help break the key.

There could be a problem in that if you sign something small, then it probably wont have much meaning. It could be then used in a different context. There may be related problems if you sign to similar versions where a responsibility changes from one part to another, allowing an adversary to mix-and-match versions so the whole does not contain the responsible part.

What you might want to do is sign a file containing secure hashes of each of the small files.

Need Your Help

Guess XML's root element attributes from schema

php xml xsd

I'm not very keen on XML but I must generate and validate some XML files from according to a XSD file.

How can I test Mailchimp radio buttons in PHP?

php radio-button mailchimp

I have a Mailchimp radio button setup for Yes/No. I'm having trouble testing it's value from PHP with something like this...

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.