algorithm 11 mistake mac
dshaw at jabberwocky.com
Wed Jul 8 00:23:17 CEST 2009
On Jul 7, 2009, at 6:10 PM, Robert J. Hansen wrote:
> On Jul 7, 2009, at 6:02 PM, David Shaw wrote:
>> Or are you asking if there is there a significant difference
>> between SHA-256 truncated to 224 bits and straight SHA-224 in terms
>> of hash strength? If so, no, there really isn't. SHA-224 in fact
>> *is* a truncated SHA-256 with a different initialization.
> That's exactly what I was asking. Speaking for myself, I think it's
> preferable to use SHA-256 over SHA-224, even in instances where 32
> bits of it are stripped -- mostly for interoperability reasons. But
> other people's mileage may vary.
You need to use what makes you happy, I guess. GPG doesn't care one
way or the other, and this isn't one of those cases where doing the
"wrong" thing will hurt you in a significant way.
More information about the Gnupg-users