Weaknesses in SHA-1

Alan S. Jones asj at ipa.net
Thu Sep 23 03:48:43 CEST 2004

>> I know t hat SHA-1 has been analyzed more then SHA256, SHA384, or SHA512
>> thus could actually be stronger.  However why not let people create keys
>> with those algorithms also in 1.4?
>I'm not sure what you mean here - these are hash algorithms.  You
>don't create a key using them.

Sorry, wrong wording on the hash/key thing.... let me restate.

Previously you stated that 1.2.x supports MD5, SHA1, and RIPEMD160 and
read-only support for SHA256  Also 1.4 will supports MD5, SHA1, RIPEMD160,
and SHA256, but only have read only support for SHA384 and SHA512.

Why not allow for full support of SHA384 and SHA512 and not just read-only
support in GnuPG 1.4?

Alan S. Jones
asj at ipa.net

More information about the Gnupg-users mailing list