Weaknesses in SHA-1
atom at suspicious.org
Wed Sep 22 01:25:20 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
it's unfortunate that this thread is "Weaknesses in SHA-1". it really
should be "rumored Weaknesses in SHA-1".
(never mind that i sign with SHA-256) SHA-1 has been subject to much more
critical analysis than the larger SHA variants, and for that reason it can
be considered more secure.
since most people are using DSA (really DSS) signatures, most people are
stuck with a 160 bit hash for signatures. the only common 160 bit hash
that's generally considered to be comparable to SHA-1's security is
RIPEMD-160. gpg 1.2 fully supports RIPEMD-160 and i don't think it's going
away anytime soon... and it works with DSA (DSS) signatures. if you're
concerned about SHA-1, just add this to your gpg.Cong:
## this creates RIPEMD-160 data signatures
## this creates RIPEMD-160 key signatures
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
"Generally, news reporting and punditry are
respectful of the rich and disdainful of the poor."
-- Syndicated columnist Norman Solomon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
-----END PGP SIGNATURE-----
More information about the Gnupg-users