DSA and ECC (was: Looking for Elgamal sign+encrypt key
information)
David Shaw
dshaw at jabberwocky.com
Wed Mar 24 02:09:06 CET 2004
On Tue, Mar 23, 2004 at 05:04:00PM -0500, Atom 'Smasher' wrote:
> > If MDC-2 is applied with DES as block cipher the hash is only 2x64=128
> > bits. Is this what is stated in the new DSS (ANSI X-9.31)? I thought a
> > longer hash would be needed to make any use of longer signing keys. With
> > the "old" RSA signature algo a much longer hash can be used e.g. the
> > forthcoming SHA-256.
> ============================
>
> "forthcoming SHA-256"???
>
> gpg 1.2.4 can handle SHA256, but only to verify, not to sign.
>
> 1.3.5 handles SHA256 (H8), SHA384 (H9) and SHA512 (H10).
>
> Secure Hash Standard (SHS)
> (SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 algorithms)
> http://csrc.nist.gov/cryptval/shs.htm
>
> btw, why does gpg list the SHA-x family of hashes without a dash? the
> official spec ~does~ include a dash ;)
The OpenPGP spec doesn't use a dash. No idea why.
David
More information about the Gnupg-users
mailing list