# Gavin Andresen
# 2011-05-03 23:37:29
# https://bitcointalk.org/index.php?topic=6428.msg105247#msg105247

@s{quotedtext}
@s{quotedtext}
You're suggesting: @p{brk}
ECDSA_SIGN(SHA256(RIPEMD160(SHA256(public_key))+"fixed string"+message)) @p{brk}
 is more secure than: @p{brk}
ECDSA_SIGN(SHA256("fixed string"+message)) @p{par}

It sure looks more secure!  But maybe some super-smart cryptographer will tease out a relationship between all the hashing and signing in the first version and it will turn out to be less secure; maybe she'll figure out a way to factor out the private key if the public key is involved in the salt. @p{par}

I like the simpler version better. @p{brk}