Adding a pre-hash is the overhead here, because of the internal hash.
Granted, verifying only that hashes match for integrity would be cheaper than checking the signature. But since you need to to that anyway for authenticating the payload, why the intermediate step?
> Adding a pre-hash is the overhead here, because of the internal hash.
If it has no other purpose, then yes but only a small amount of overhead if the content is large because the internal hash is over a much smaller content. You have:
hash(<thousands/millions/more>bits) then hash(<hundreds>bits) & sign(<hundreds>bits)*
The bit you save, the hash(<hundreds>bits), is only significant if the input content is of similar size and you are performing the operation many times in quick succession.
> since you need to to that anyway for authenticating the payload
That is true from the client PoV. Server-side you might want to integrity check your data as part of regular proactive maintenance.
Of course I'm assuming here that the digest is stored so it can be used in this way – if not then I agree it is just overhead.
And if they are computing a hash for that anyway, the computation saving from signing the hash not the whole content might be worthwhile?