SHA3 IANA registration - method?
openpgp at brainhub.org
Thu Dec 13 21:46:51 CET 2012
Yes, there is no FIPS document that specifies the SHA-3 yet. We should
expect that NIST will be produce it a few months; it is mostly an
editorial matter at this point. There are test vectors on
http://keccak.noekeon.org/ that should continue to work.
The main unknown that the FIPS document will solve is which hash sizes
it will decide to mandate, plus, the fact that we need a hard reference
to list in the OpenPGP Keccak spec.
We also need to wait for the OIDs for the hash algorithms (remember
that's what we do in OpenPGP).
These dependencies are listed on the front page of the spec I sent.
If there is no interest to fix collision weakness of OpenPGP
fingerprints in the same spec, this makes things easier. The issue in my
mind is that OpenPFP fingerprint and SHA-3 may be dependent if the
OpenPGP community is to adapt the hardwired SHA-3 fingerprints. In this
case we would have two methods: old/new SHA-1/SHA-3 fingerprints. With
this situation one would need to differentiate/optimize regarding which
fingerprint to use and so things like hash preferences on the keys may
play some role here. While I also agree that SHA-3 in OpenPGP should
only be concerned with SHA-3, it would be ideal if we wrote it with good
ideas for the direction in which fingerprints will evolve.
More information about the Gnupg-devel