Long-lived digital integrity using short-lived hash functions
New collision-finding attacks on widely used cryptographic hash functions raise questions about systems that depend on certain properties of these functions for their security. Even after new and presumably better hash functions are deployed, users may have digital signatures and digital time-stamp certificates that were computed with recently deprecated hash functions. Is there any way to use a new and currently unassailable hash function to buttress the security of an old signature or time-stamp certificate? The main purpose of this note is to remind the technical community of a simple solution to this problem that was published more than a decade ago.