Opinions on RIPEMD vs SHA?
David Shaw
dshaw at jabberwocky.com
Wed Jul 8 21:16:11 CEST 2009
On Jul 8, 2009, at 12:56 PM, Brian Mearns wrote:
> I'm considering making my default hash RIPEMD160: does anyone have any
> opinions on how this compares to SHA-2 algorithms in terms of both
> security and availability? I like the idea that RIPEMD was developed
> in an academic community instead of the NSA, but if there are genuine
> benefits to using SHA, I have no problem looking past this bit of
> romanticism. I'm especially curious if RIPEMD160 is commonly available
> in popular PGP clients.
RIPEMD160 is nearly universally supported in popular PGP clients.
It's been around for a long time.
That said, you can't compare it to SHA-2. I believe your academia/NSA
comparison is invalid (it's really just romanticism), but I'm not even
going to bother to restart the common algorithm/peer review/more
attacks/etc discussion that we've had a zillion times on this list,
and instead jump right to the easy reason: RIPEMD160 is 160 bits
long. SHA-2 is (at minimum) 224 bits long, and can go up to 512 bits
long.
224 > 160.
512 is very > 160.
Unless you think SHA-2 is actually weaker than RIPEMD160 somehow, why
would you not use it?
David
More information about the Gnupg-users
mailing list