Weaknesses in SHA-1

David Shaw dshaw at jabberwocky.com
Tue Sep 28 06:28:27 CEST 2004

On Mon, Sep 27, 2004 at 11:19:39PM +0200, Johan Wevers wrote:

> >I imagine SHA256 is getting a lot more attention by people trying
> >to break it than Tiger192 is.
> Probably. But it still has no proven weaknesses I know of.

Probably a direct function of it not being used anywhere.  If you were
a cryptographer wanting to publish a paper, would you spend time
attacking SHA-x and get famous, or Tiger192 and get a big shrug from
the media?

By the way, I don't have anything against the algorithm or design of
Tiger192.  My reasons to argue against it is more logistics - it
hasn't had much use in the field, and it's not part of OpenPGP any
longer.  Since GnuPG is an OpenPGP client, using Tiger would be
nonstandard, and nonstandard is exactly what you don't want when it
comes time to interoperate with the rest of the world.


More information about the Gnupg-users mailing list