Bitcoin Forum
May 20, 2019, 08:55:32 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Why is not the hash (SHA-256) written to the signature  (Read 122 times)
MixMAx123
Newbie
*
Offline Offline

Activity: 29
Merit: 2


View Profile
December 01, 2017, 11:12:02 AM
 #1

Why is not the hash (SHA-256) written to the signature as it is common with other software?

The SHA-256 is considered safe! Thus the correctness of a software can be clearly examined. If the hash is now in the signature, 1. the authenticity of the signature can be clearly checked and 2. the hash contained therein (SHA-256) can not be forged. Because then the signature would be wrong!

With Bitcon Core and other critical software it's handled the same way, why do you do it differently and make it unnecessarily difficult for new users?

Please write the hash in the signature! There are no reasons not to do it.
1558385732
Hero Member
*
Offline Offline

Posts: 1558385732

View Profile Personal Message (Offline)

Ignore
1558385732
Reply with quote  #2

1558385732
Report to moderator
BITDEER BTC/BCH ETH LTC ZEC DASH START MINING BTC NOW
WITH NEW GENERATION S17 ANTMINER!
Highly Reduced Electricity Fee $0.067/T/DAY! GET STARTED
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1558385732
Hero Member
*
Offline Offline

Posts: 1558385732

View Profile Personal Message (Offline)

Ignore
1558385732
Reply with quote  #2

1558385732
Report to moderator
1558385732
Hero Member
*
Offline Offline

Posts: 1558385732

View Profile Personal Message (Offline)

Ignore
1558385732
Reply with quote  #2

1558385732
Report to moderator
1558385732
Hero Member
*
Offline Offline

Posts: 1558385732

View Profile Personal Message (Offline)

Ignore
1558385732
Reply with quote  #2

1558385732
Report to moderator
ranochigo
Legendary
*
Offline Offline

Activity: 1666
Merit: 1132

Somewhat inactive.


View Profile WWW
December 01, 2017, 11:39:41 AM
 #2

If you're going to verify the signature, you would most probably have a program used to verify PGP already downloaded. If you want to verify the SHA256, you first would have to verify the authenticity of the message and then the authenticity of the program.

If you were to just verify the program using the PGP, it would definitely be safe since you would be checking against ThomasV's signature. I would imagine many people would just verify the SHA256 signature alone and not the PGP message and that is no difference from not verifying it.

MixMAx123
Newbie
*
Offline Offline

Activity: 29
Merit: 2


View Profile
December 01, 2017, 12:08:14 PM
Last edit: December 01, 2017, 12:31:54 PM by MixMAx123
 #3

"I would imagine many people would just verify the SHA256 signature alone and not the PGP message and that is no difference from not verifying it."

So do not put the hash in the signature to prevent someone from using the hash easily without checking the signature.
Ok, that's an argument I understand Smiley
However, I personally think that as it is now, most people do without verification altogether.

Edit:
My problem here was the following:

Checking the signature is easily possible.
Checking the file via hash also no problem.

It was not possible to check the file only with the PGP signature without hash.
Even with the instructions it is too heavy and impenetrable
A DOS input is required. At least here, most people will probably give up.
Therefore, checking the hash in the signature would be much easier. So more people would do it that way.

It is also true that people are afraid and want to make sure they are smart and anyway go the right way and will also check the signature.
The others who are reckless will not even do a test.
By withholding the hash in the signature, it is now difficult for people who want to do it right.

Abdussamad
Legendary
*
Offline Offline

Activity: 2100
Merit: 1147



View Profile WWW
December 01, 2017, 07:42:12 PM
 #4

A digital signature is a signed hash of the message. In this case the message being the file you downloaded. So the hash is there it's just that the verification of the signature is automated by gpg so you don't see it.

The reason Core does things the way it does them is because they have lots of different files that they want to sign so they generate sha256sums of all of them and then sign that file of checksums. In Electrum's case there aren't many files so it's easier just to sign them directly. The end result is the same. They are both equally secure. So please just verify the signature.

And FYI if you are advocating for unsigned hashes published on the electrum site then you should know that they only serve to give users a false sense of security. Fake electrum sites can also publish unsigned hashes. They are meaningless.

MixMAx123
Newbie
*
Offline Offline

Activity: 29
Merit: 2


View Profile
December 01, 2017, 09:15:15 PM
Last edit: December 01, 2017, 09:26:16 PM by MixMAx123
 #5

"In Electrum's case there aren't many files so it's easier just to sign them directly."
Easier for the users or the developers?

"And FYI if you are advocating for unsigned hashes published on the electrum site"
This is a insinuation that is not true!


"so it's easier just to sign them directly"
That's the point, thanks, I understand.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!