SHA1 broken?

Johan Wevers johanw at vulcan.xs4all.nl
Wed Feb 16 20:59:04 CET 2005


Atom Smasher wrote:

>the openPGP spec seemed to have assumed that SHA-1 just wouldn't fail. 
>ever. this was the same mistake made in the original version of pgp that 
>relied on md5.

Well, the original pgp 1.0 used MD4. When that was broken, it got replaced
by MD5. This does require the OpenPGP spec to be adapted of course. And in
the pgp 1 and 2 age, the web of trust was of course much smaller than it is
now, so it required less work.

>the spec needs to allow a choice of hash algorithms for fingerprints and
>key IDs, or else we'll play this game every time someone breaks a strong
>hash algorithm.

That would be a more flexible approach than hardwiring a new hash algorithm each
time the previous one was broken. Perhaps a reason to re-add the 1.0 way
of adding encryption and hash functions as dynamically loadable modules to the
main program?

-- 
ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw at vulcan.xs4all.nl   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
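
As an added illustration of the point under discussion (example code, not part of this message or of any OpenPGP implementation): the v4 fingerprint defined by RFC 2440/4880 is SHA-1 over a fixed prefix byte 0x99, a two-octet length and the public-key packet body, with the key ID being its low 64 bits; the hash algorithm is implied by the format rather than carried in it. The `agile_fingerprint` function below is a hypothetical scheme, not a standardized one, showing what "a choice of hash algorithms" could look like: the OpenPGP hash algorithm ID is both hashed and printed, so a later hash break only requires issuing fingerprints with a different ID, not changing the format. The key packet body is constructed sample data with a toy modulus, not a real key.

```python
import hashlib
import struct


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: 2-octet bit length, then big-endian bytes."""
    bitlen = value.bit_length()
    return struct.pack(">H", bitlen) + value.to_bytes((bitlen + 7) // 8, "big")


# Constructed sample v4 public-key packet body (not a real key; modulus is a toy value).
# Layout per RFC 2440/4880: version(1) | creation time(4) | pubkey algo(1) | MPIs
SAMPLE_KEY_BODY = (
    b"\x04"                          # version 4
    + struct.pack(">I", 0x42110E30)  # creation time (constructed value)
    + b"\x01"                        # public-key algorithm 1 = RSA
    + mpi(0xC0FFEE)                  # RSA modulus n (toy value, constructed)
    + mpi(0x10001)                   # RSA exponent e
)


def v4_fingerprint(body: bytes) -> str:
    """RFC 2440/4880 v4 fingerprint: SHA-1( 0x99 || 2-octet length || body ).

    The hash algorithm is fixed by the spec; nothing in the input or the
    output identifies it, so replacing SHA-1 means redefining the format.
    """
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest()
    return digest.upper()


def v4_key_id(body: bytes) -> str:
    """The v4 key ID is the low-order 64 bits (last 16 hex digits) of the fingerprint."""
    return v4_fingerprint(body)[-16:]


# OpenPGP hash algorithm IDs (RFC 4880 section 9.4) used by the hypothetical scheme.
AGILE_HASHES = {2: "sha1", 8: "sha256", 10: "sha512"}


def agile_fingerprint(body: bytes, hash_id: int) -> str:
    """Hypothetical hash-agile fingerprint (illustration only, not an OpenPGP format).

    The hash algorithm ID is included in the hashed input and prefixed to the
    printed form, so fingerprints made with different hashes cannot be confused
    and a broken hash can be retired by issuing a new ID rather than a new format.
    """
    name = AGILE_HASHES[hash_id]
    prefix = bytes([0x99, hash_id]) + struct.pack(">H", len(body))
    digest = hashlib.new(name, prefix + body).hexdigest().upper()
    return f"{hash_id:02X}:{digest}"


if __name__ == "__main__":
    print("v4 fingerprint :", v4_fingerprint(SAMPLE_KEY_BODY))
    print("v4 key ID      :", v4_key_id(SAMPLE_KEY_BODY))
    for hid in AGILE_HASHES:
        print("agile fingerprint:", agile_fingerprint(SAMPLE_KEY_BODY, hid))
```

The design point is that the agile form makes the algorithm part of the identity being compared: a verifier that encounters an unsupported or deprecated ID can reject or warn explicitly, whereas a fixed-algorithm fingerprint gives a relying party no signal that a weaker hash was used.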



More information about the Gnupg-users mailing list