Signing or Encrypting to the Full Extent... Is It All About Key
Size or What???
atom at suspicious.org
Tue Aug 3 07:53:25 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Mon, 2 Aug 2004, InHisGrip wrote:
> Sorry but I am just curious. If you would notice, I have signed this
> message and it has PGP Signed - Hash:SHA1 only. How do I make this to
> SHA256 or even greater as with Mr. Atom Smasher's all signed email
heh... whatever you do, don't do what i do ;)
i have a habit of pushing the limits of pgp.
signatures of SHA-256 hashes can not be generated in 1.2.x branch of
GnuPG... the development branch is not recommended for general
i noticed that you signed your message with a 4096-RSA key 0xD60DAC97.
when 1.3.x development becomes 1.4.x stable, then you'll be able to sign
messages with SHA-256 (keep reading for reasons *not* to do that)... most
people, however, use DSS primary keys and will be unable to use that with
any hash larger than SHA-1 (not that there'd be any point in doing that,
since the key is limited to 1024).
of course, i would recommend adding 1024-2048 subkeys (to your 4096 key)
for signing and encryption. that should be sufficient for the near term
future, and you can always revoke a subkey that's too small or
compromised, and replace it with a bigger subkey. and if that happens, you
can still keep the same primary key and all signatures you collect on
it... i suspect that in the not-too-distant future DSS will be abandoned,
and with it a lot of signed keys.
> When I first generated a key, I chose the default DSA & ElGamal 1792
> key. If I have generated RSA Sign and Encrypt with key as much as 4096,
> would you think I would have SHA256 or unless otherwise? In other words,
> more secure and harder for others to break? Or at least, will take a
> little bit of time to?
i was asking some SHA-256 questions on the development list, not long ago,
and one fact that was pointed out to me is that SHA-256 isn't
~necessarily~ stronger than SHA-1... it's not the same thing, only bigger;
it's a different algorithm that hasn't been around as long, hasn't been
studied as much, etc. history might prove that it's actually weaker than
SHA-1... and support for SHA-256 isn't nearly as widespread as support for
SHA-1, so if you send a message to someone using PGP-x, they may or may
not be able to verify your signature.
OTOH, if one assumes that SHA-256 really is stronger than SHA-1, then it
would be arguably more secure to sign messages with it... remember, you're
not signing _the_message_, you're signing a _hash_ of the message... so,
if someone wants to forge a signature they can do it by attacking the hash
function... a larger hash (assumed to be more secure) would thus be harder
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
"When one tries to rise above Nature one is
liable to fall below it."
-- Sherlock Holmes (Arthur Conan Doyle)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
-----END PGP SIGNATURE-----
More information about the Gnupg-users