please change the default hashing algorithm
Ben McGinnes
ben at adversary.org
Wed Jul 15 00:14:35 CEST 2015
On 15/07/2015 6:25 am, Robert J. Hansen wrote:
>> course, the switch will happen, but it might be slow. Perhaps GPG
>> could give users better guidance that they ought to be using Curve
>> 25519 rather than the vulnerable NIST or brainpool curves. (I'm
>
> "Vulnerable" NIST or Brainpool curves?
>
> I'm unaware of any attack against either NIST or Brainpool curves. If I
> missed something, I'd love to know about it.
>
> If this is about hypothetical or conjectured risks, then you should say
> that instead. "Vulnerable" is the sort of language we use to describe
> SHA-1 -- the risk is real, we're seeing attacks getting better over
> time, and so on. To my knowledge, that isn't the case for NIST or
> Brainpool.
Yes, you're quite right, we should just say that they're suspect as a
result of interference with NIST by NSA. Still, that is a pretty
compelling argument, especially for those of us outside of the USA.
Regards,
Ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150715/28c02c29/attachment.sig>
More information about the Gnupg-devel
mailing list