A common practice for signing with RSA is to first apply a hash function or a redundancy function to the message, add some padding and exponentiate the resulting padded message us...
To sign with RSA, one usually encodes the message m as µ(m) and then raises the result to the private exponent modulo N. In Asiacrypt 2000, Coron et al. showed how to build a secu...
RSA-FDH and many other schemes secure in the Random-Oracle Model (ROM) require a hash function with output size larger than standard sizes. We show that the random-oracle instanti...