Use other hash than SHA-1

Robert J. Hansen rjh at
Sat May 2 22:43:00 CEST 2009

Allen Schultz wrote:
> I'm stuck with that smaller key until I change the subkeys, but
> a question about the two hashes. What's the difference in SHA-1
> and RIPEMD/160?

Not much.  They're both 160-bit Merkle-Damgard hashes.  RIPEMD160 comes
out of Europe, SHA-1 comes out of the National Security Agency.

Some people distrust anything that comes out of the NSA.  For these
people, RIPEMD160 is a good option.

I think the reason why RIPEMD160 has survived so long is due to the fact
hardly anybody is looking at it.  Given all we've learned about
attacking hash functions from the SHA-1 and MD5 papers, I think it's
fair to be a little skeptical of RIPEMD160's long-term prospects.

More information about the Gnupg-users mailing list