Best Practices

Werner Koch wk at
Mon Dec 13 14:37:26 CET 2010

On Mon, 13 Dec 2010 01:27, dshaw at said:

> The fix in OpenPGP is to hash the contents of the secret key, so any tampering is evident.

FWIW: We verify a signature immediatley after its creation which also
thwarts this attack.

> I am also skeptical of this.  I strongly doubt that new fingerprints
> can be achieved without going to a V5 key format.  There are just too
> many interoperability gotchas with an upgraded V4.  We might be able

Switching to V5 will be a lot of work in GnuPG because under the hood we
need to replace a lot of data structures which use a 160 bit hash.  It
will eventually be done but before we do that we need SHA-3; lets talk
about this in 2 years.  Recall that the rush towards SHA-256 is due to
collisions on SHA-1 expected in the near future.  There are no signs at
all that we will have a pre-image attack on SHA-1 any time soon [1].



[1] #include <famous-last-words.h>
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list