Weaknesses in SHA-1, gnupg dev versions
David Shaw
dshaw at jabberwocky.com
Mon Sep 27 01:52:09 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Sep 22, 2004 at 06:47:27PM -0400, Atom 'Smasher' wrote:
> On Wed, 22 Sep 2004, Thomas Schorpp wrote:
>
> > i would like sha512 too for better protection of my passphrase(?).
> > sorry, i cant afford helping implementing crypto-algorithms in gnupg.
> ===============
>
> it may or may not be any better.
>
> --s2k-digest-algo
>
> of course that wil work with almost any hash other than SHA-512 ;)
>
> hhmmm... just noticed the (1.2.4) man page on that:
>
> --s2k-digest-algo name
> Use name as the digest algorithm used to mangle the passphrases.
> The default algorithm is SHA-1. This digest algorithm is also
> used for conventional encryption if --digest-algo is not given.
>
> i'm not sure what that last sentence means here, but it's not in the 1.3.6
> man page.
It means that in 1.2.x that --digest-algo is used for passphrase
mangling when using --symmetric, but --s2k-digest-algo is used for
other passphrase mangling. In 1.3.x, --s2k-digest-algo is used for
all passphrase mangling.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.90-cvs (GNU/Linux)
iGoEARECACoFAkFXVikjGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2tleS5h
c2MACgkQ4mZch0nhy8nsBACfejHYdgA1pr7KZ3ZZ7f+4WFLEb/UAoM2YHpPYObyL
kGopYY4m0pMDwtVf
=D+I2
-----END PGP SIGNATURE-----
More information about the Gnupg-devel
mailing list