SHA2 compatibility

Qed qed at
Sun May 28 09:10:53 CEST 2006

On 05/28/2006 12:03 AM, David Shaw wrote:
>> David Shaw in a recent message <20060526161325.GC19437 at>
>> about DSA2 said:
>>> 3) Allowing truncation of a bigger hash to fit into the however many
>>>    bits the key allows.
>>> As far as I can tell at the moment, PGP 8 allows only #3.  That is,
>>> if you have a regular DSA key (1024 bits, 160-bit hash), you can use
>>> a larger hash like SHA-256 with it.  Of course, you still only get
>>> 160 bits of strength (you just can't fit 256 bits into a 160 bit
>>> field).
> This is a true statement, but not relevant to your question.  I was
> discussing DSA keys, and you're asking about RSA.
I'm asking about hash functions support in general; if a particular
piece of sw supports HASH-X in DSA it is reasonable to suppose that the
same is with RSA.
>  You can use any
> hash with RSA that you like.  There are no restrictions in size or
> otherwise.  The only thing you have to worry about is whether your
> recipient can handle that hash or not.
That was the point of message. Asserting that with PGP 8 you can use a
larger hash /like/ SHA-256 doesn't necessarily mean that you you are
limited to it, someone could understand "you can use larger hashes, like
sha256, like sha224, sha384, like sha512, so PGP 8 supports them even if
with DSA it uses a truncated result due to the obvious limitations
imposed by q".

However, you have cleared all my doubts.


ICQ UIN: 301825501
OpenPGP key ID: 0x58D14EB3
Key fingerprint: 00B9 3E17 630F F2A7 FF96  DA6B AEE0 EC27 58D1 4EB3
Check fingerprints before trusting a key!

More information about the Gnupg-users mailing list