Problems with interpolibility between GnuPG and PGP when using SHA384-SHA512 hashes

Joe Vender jvender at owensboro.net
Thu Jun 17 20:40:08 CEST 2004


On 17 Jun 2004 at 8:56, David Shaw wrote:

> It's an open question, and one of the reasons (aside from the need for a
> compiler that can handle 64-bit math), that the 512 and 384 hashes are
> not enabled by default.

Since the version of GnuPG that I compiled using MSYS/MingW on Win98SE 
seems to work without returning any errors when using these hashes, I 
assume my compiler handles the 64-bit math ok.

> The implementation in GnuPG matches all of the SHA test vectors, so I
> doubt there is a implementation bug.  I suspect that PGP 8 doesn't allow
> for these hashes for some reason, but don't know for sure.
> 

You may be right about PGP not handling these hashes, but that would be 
in conflict with the information that PGP Corp. has posted on their 
website regarding what the new SDK handles starting with 3.0. They 
explicitly state <http://www.pgp.com/products/sdk.html>:
__________

The PGP SDK supports the following algorithms:

    * Ciphers
          o IDEA
          o TripleDES
          o CAST5
          o AES (128-, 182-, and 256-bit key lengths)
          o Twofish (256-bit key length) 
    * Hashes
          o MD5
          o SHA-1
          o RIPEMD160
          o SHA-2 (256-, 384-, and 512-bit lengths) 

    * Public Key Algorithms
          o RSA
          o Diffie-Hellman
          o DSA 
__________





More information about the Gnupg-devel mailing list