Generating a new key
Faramir
faramir.cl at gmail.com
Tue Mar 23 23:50:38 CET 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Paul Richard Ramer escribió:
> On Sun, 21 Mar 2010 00:40:08 -0300 Faramir wrote:
>> Another thing to consider, is SHA is not as safe as it used to be, and
>> it it becomes easily crackeable, signatures issued using SHA can become
>> unsafe. So maybe you'd like to use SHA-256 instead of SHA-128. If I'm
>
> I believe that you meant SHA-1 and not SHA-128, because there isn't a
> hash called SHA-128. Also SHA-1 is a 160 bit hash.
Right, I was referring to SHA-1, and I confused the bit length of
SHA-1 with key length of AES.
I saw another message, from Robert J. Hansen, saying indeed there is a
"SHA-128" unofficial denomination. Maybe I saw "SHA-128" while browsing
documents about SHA, and that contributed to my confusion. But anyway, I
was referring to the "normal" SHA algorithm.
...
>> idea is to replace SHA-1 with SHA-256, it can be useful. (I have a bad
>> feeling about telling other people to use that line).
>
> In addition to what David said, the passphrase mangling uses iterations
> of the hash algorithm to slow down a brute force attack on the
> passphrase. So for a fictional example, GnuPG will hash the word "dog"
> and produce "0123456789". Then it will iterate by taking the output of
> the hash algorithm and use it as input to another instance of hashing.
> So in this example it would take the output of "0123456789" and hash it
> to produce "9876543210".
Good, now I know what is "password mangling" about.
Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBCAAGBQJLqUW+AAoJEMV4f6PvczxA5vMH/2O6iSWqRINIz3mqUG5PXjce
CKHyBeBPx5qmjUB7t1ze2q1Ke0+jtH5tPVy3vGbiDjnlMmHjCerzMTkTJnGkQa7F
fStgLvzSuVRUdTg5szPzrdXYdG3s4riDDnMSd577EAWEepAn2KH29AE8rwoEWwn6
V6EUsOMI48gqRbdwnSRaYJJkYWcF+GZkY/dc0hspnk3JXCfleh1Qrel5zcGHTRdg
Y0yf/86n7pdKc8i7i0y6/0EXzJ5Jv5Tbh40UgEicoI8U6e9qqkQil/oYj0N3OFRC
5TXZdMFnzr/PP2W69fEjBScqotZWHDgaqrt5zo4ZY6GJ5mtAcVlZ6p6Y/SOsoro=
=XfT4
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list