multiple subkeys and key transition
David Shaw
dshaw at jabberwocky.com
Fri Dec 10 01:16:03 CET 2010
On Dec 9, 2010, at 6:49 PM, Ben McGinnes wrote:
>> Or one can use enable-dsa2 in GnuPG and use any of the SHA2 hashes,
>> they'll just be truncated down to 160 bits similarly to the
>> SHA-224/SHA-256 arrangement described below.
>
> Just to clarify, does this mean that SHA-256 or 512 (or whatever)
> truncated to 160-bits prevent the potential collision attacks that
> might be able to be launched against SHA-1?
Yes, but at the risk of pedantry:
The attacks against SHA-1 haven't been extended to the SHA-2 family yet. By truncating a SHA-2 to 160 bits, you're creating a non-broken (for now) 160-bit hash. Think of it as a non-broken SHA-1: it's theoretically as strong as SHA-1 once was thought to be, but not stronger.
(i.e. it's a great SHA-1 alternative, but it's not as strong as a full-sized SHA-2).
David
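
Added example, not part of the original message and not GnuPG code: a Python sketch of the truncation discussed above, plus a birthday search on small truncations of SHA-256 showing that collision cost follows the truncated length (about 2^(n/2) tries for n bits), which is why a 160-bit truncation is no stronger than an unbroken 160-bit hash. It assumes the FIPS 186-3 "leftmost bits" rule for DSA; the function names and sample messages are constructed for illustration.

```python
import hashlib
from itertools import count

def truncate_leftmost(digest: bytes, bits: int) -> bytes:
    """Keep the leftmost `bits` bits of a digest, zeroing any spare low bits."""
    if not 0 < bits <= len(digest) * 8:
        raise ValueError("bits must be between 1 and the digest length")
    nbytes, spare = divmod(bits, 8)
    if spare == 0:
        return digest[:nbytes]
    out = bytearray(digest[:nbytes + 1])
    out[-1] &= (0xFF << (8 - spare)) & 0xFF
    return bytes(out)

def hash_for_160bit_q(message: bytes, algo: str = "sha256") -> bytes:
    """Digest as a DSA key with a 160-bit q would consume it (assumed rule)."""
    return truncate_leftmost(hashlib.new(algo, message).digest(), 160)

def birthday_collision(bits: int, algo: str = "sha256"):
    """Return (m1, m2, tries) where m1 != m2 collide on the truncated digest."""
    seen = {}
    for i in count():
        msg = b"constructed-message-%d" % i  # constructed sample inputs
        tag = truncate_leftmost(hashlib.new(algo, msg).digest(), bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg

if __name__ == "__main__":
    print(hash_for_160bit_q(b"hello").hex())
    # Small widths only: the same search at 160 bits needs on the order of 2^80 tries.
    for bits in (16, 24, 32):
        m1, m2, tries = birthday_collision(bits)
        print(f"{bits}-bit truncation: collision after {tries} tries "
              f"(birthday estimate ~2^{bits // 2})")
```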