Weaknesses in SHA-1

Atom 'Smasher' atom at suspicious.org
Wed Sep 22 01:25:20 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

it's unfortunate that this thread is "Weaknesses in SHA-1". it really 
should be "rumored Weaknesses in SHA-1".

(never mind that i sign with SHA-256) SHA-1 has been subject to much more 
critical analysis than the larger SHA variants, and for that reason it can 
be considered more secure.

since most people are using DSA (really DSS) signatures, most people are 
stuck with a 160 bit hash for signatures. the only common 160 bit hash 
that's generally considered to be comparable to SHA-1's security is 
RIPEMD-160. gpg 1.2 fully supports RIPEMD-160 and i don't think it's going 
away anytime soon... and it works with DSA (DSS) signatures. if you're 
concerned about SHA-1, just add this to your gpg.Cong:

## this creates RIPEMD-160 data signatures
digest-algo RIPEMD160

## this creates RIPEMD-160 key signatures
cert-digest-algo RIPEMD160



 	...atom

  _________________________________________
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

 	"Generally, news reporting and punditry are
 	 respectful of the rich and disdainful of the poor."
 		-- Syndicated columnist Norman Solomon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJBULhmAAoJEAx/d+cTpVcixhgIAJ+2q3m89vT/8xAG2wv7QUah
8tkIaAeiFvrp+oZBti58loh5PMUyZCedNg8NPK8sz49D1vdiYJPzigoAal9sfw9H
NvkTJw2FxcvQ1K4c0ffBdlqVRU5/edAvsi8Y2BLliBCN/cxbsKUbLk0pduKsL1SL
bfoiWIsasNwtruDNYWktIAHvGnbPhCwFgIPB8bMQycoVix3jpWlX3eh4zHwSfFHH
GlaN7djKPj2U+efRzWV3IgXBao5NZDUM2cikJSOyFv/WrrSy1p7BGLZJg73PWvYL
I1oh16K1OGPkeKVCQvEXO1UlWWW4Uv7xOsdGCOkwTPUqJ8H+ucHc7Xu5BLVgeUU=
=LPq2
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list