Weaknesses in SHA-1

David Shaw dshaw at jabberwocky.com
Mon Sep 27 16:49:30 CEST 2004


On Mon, Sep 27, 2004 at 01:56:25PM +0200, Johan Wevers wrote:
> Alan S. Jones wrote:
> 
> >Why not allow for full support of SHA384 and SHA512 and not just read-only
> >support in GnuPG 1.4?
> 
> And not to forget Tiger192. Why remove support for it in the light of these
> developments?

Why would you use Tiger192 when SHA256 is available?  I imagine SHA256
is getting a lot more attention by people trying to break it than
Tiger192 is.

In any event, Tiger192 was removed from the OpenPGP standard (not
because it was thought weak, but because nobody really used it and
there were longer hashes available).

David



More information about the Gnupg-users mailing list