New results against SHA-1
wk at gnupg.org
Mon May 4 10:24:20 CEST 2009
On Fri, 1 May 2009 05:58, atom at smasher.org said:
> so... when is the open-pgp spec moving beyond SHA1 hashes to identify
> public keys? what's next? will it have to be a bigger hash?
OpenPGP does not claim that the fingerprint is a unique way to identify
Also note that the results are about collision attacks and not about
second preimage attacks. Thus the whole thing basically boils down to
the concept of non-repudiation; something which is very hard to achieve
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-users