howto secure older keys after the recent attacks

Philippe Cerfon philcerf at
Thu Sep 10 23:33:51 CEST 2009

Hi Robert.

On Thu, Sep 10, 2009 at 4:54 PM, Robert J. Hansen <rjh at> wrote:
> Probably.  However, if SHA-1 gets totally broken we'll have a lot bigger
> things to worry about than OpenPGP.

What specifically do you mean? Crypto-stuff in banking etc.?

> As soon as you find an attack, then we can discuss it.  Unfortunately,
> we can't really talk intelligently about vague fears.

Of course,... just wondered if there might be any known issues due to that.

> Hans Dobbertin proved MD5 was weak in 1996.  In 1997, Network Associates
> (who then were pretty much the only game in town, as far as PGP goes)
> decided the Dobbertin attack was worrisome and that MD5 needed to go.
> By the time the MD5 attacks became practical, PGP had _long_ since
> migrated to SHA-1 and RIPEMD160.

Ok,.. I see.
But attackers could still attack older data, that they intercepted, right?

Best wishes,

More information about the Gnupg-users mailing list