Weaknesses in SHA-1, gnupg dev versions
dshaw at jabberwocky.com
Mon Sep 27 01:52:09 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, Sep 22, 2004 at 06:47:27PM -0400, Atom 'Smasher' wrote:
> On Wed, 22 Sep 2004, Thomas Schorpp wrote:
> > i would like sha512 too for better protection of my passphrase(?).
> > sorry, i cant afford helping implementing crypto-algorithms in gnupg.
> it may or may not be any better.
> of course that wil work with almost any hash other than SHA-512 ;)
> hhmmm... just noticed the (1.2.4) man page on that:
> --s2k-digest-algo name
> Use name as the digest algorithm used to mangle the passphrases.
> The default algorithm is SHA-1. This digest algorithm is also
> used for conventional encryption if --digest-algo is not given.
> i'm not sure what that last sentence means here, but it's not in the 1.3.6
> man page.
It means that in 1.2.x that --digest-algo is used for passphrase
mangling when using --symmetric, but --s2k-digest-algo is used for
other passphrase mangling. In 1.3.x, --s2k-digest-algo is used for
all passphrase mangling.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.90-cvs (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Gnupg-devel