storing keyrings into SQL database?
Fri May 23 22:01:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, May 23, 2003 at 01:32:50PM -0500, Ryan Malayter wrote:
> From: Jean-David Beyer [mailto:firstname.lastname@example.org]
> >A year of days is between 8 and 9 bits, and I think you
> >would need a collection of about 2^4.5 people to have a
> >better-than-50% chance of collision.
> Gotta love the old "birthday" paradox... it is the reason why SHA-1 only
> offers 80 bits of effective security (collision resistance), even though
> the hash is 160 bits long. Since a PGP fingerprint is only 80 bits of an
> SHA-1 hash, it offers just 40 bits of collision resistance.
This is not correct. PGP uses all 160 bits of the SHA1 fingerprint,
giving 80 bits of collision resistance.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
-----END PGP SIGNATURE-----