Opinions on RIPEMD vs SHA?
Brian Mearns
bmearns at ieee.org
Wed Jul 8 22:20:53 CEST 2009
On Wed, Jul 8, 2009 at 3:33 PM, Werner Koch<wk at gnupg.org> wrote:
> On Wed, 8 Jul 2009 18:56, bmearns at ieee.org said:
>
>> I'm considering making my default hash RIPEMD160: does anyone have any
>> opinions on how this compares to SHA-2 algorithms in terms of both
>
> Don't do that. RIPEMD160 is a pure European algorithm and by design not
> different than SHA-1; like most hash algorithms it is based on the same
> principles as MD4 is. There is no reason to believe that RIPEMD-160 is
> stronger than the SHA-1.
>
> If you want to do business with European governments you need to support
> RIPEMD-160 - well at least until last year. Since this year, SHA-256 is
> a requirement for most purposes.
>
>> security and availability? I like the idea that RIPEMD was developed
>> in an academic community instead of the NSA, but if there are genuine
>
> Well, if you look at the prominent people from that community you will
> notice strong links to the country's respective TLAs.
>
>> romanticism. I'm especially curious if RIPEMD160 is commonly available
>> in popular PGP clients.
>
> GnuPG might be the only OpenPGP implementation to support it.
>
>
> Salam-Shalom,
>
> Werner
>
> --
> Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
>
>
Thank you both for your input. I'll stick with SHA.
-Brian
--
Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://keys.gnupg.net
More information about the Gnupg-users
mailing list