DSA and ECC (was: Looking for Elgamal sign+encrypt key information)

David Shaw dshaw at jabberwocky.com
Wed Mar 24 02:09:06 CET 2004

On Tue, Mar 23, 2004 at 05:04:00PM -0500, Atom 'Smasher' wrote:
> > If MDC-2 is applied with DES as block cipher the hash is only 2x64=128
> > bits. Is this what is stated in the new DSS (ANSI X-9.31)? I thought a
> > longer hash would be needed to make any use of longer signing keys. With
> > the "old" RSA signature algo a much longer hash can be used e.g. the
> > forthcoming SHA-256.
> ============================
> "forthcoming SHA-256"???
> gpg 1.2.4 can handle SHA256, but only to verify, not to sign.
> 1.3.5 handles SHA256 (H8), SHA384 (H9) and SHA512 (H10).
> 	Secure Hash Standard (SHS)
> 	(SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 algorithms)
> 	http://csrc.nist.gov/cryptval/shs.htm
> btw, why does gpg list the SHA-x family of hashes without a dash? the
> official spec ~does~ include a dash ;)

The OpenPGP spec doesn't use a dash.  No idea why.


More information about the Gnupg-users mailing list