
HashML-DSA Considered Harmful


I ranted about this topic as a section of a previous blog post (at the very end), but the topic keeps coming up, so I am escalating to a full blog post, since obviously that will help wit…

As you can see, in the world of mathematics, where everything is perfect and wonderful, there are no hashes anywhere, so to understand what prehashing is about, we will unfortunately go a layer deeper and pretend to implement these functions in made-up pseudo-code which happens to vaguely resemble C++. Side note: A similar thing can be said about the context string: it too breaks the mathematical framework used and cuts through the abstraction layers of what a signature scheme does, but it is pretty easy to ignore or use correctly, so my visceral hatred for the HashML-DSA/HashSLH-DSA variants does not extend quite the same way here. That would have avoided the last-minute introduction of HashML-DSA, likely caused the use of explicit rejection in KEMs, and made papers like "Unbindable Kemmy Schmidt" unnecessary to be written months before the standards were finalized.
