why is SHA1 used? How do I get SHA256 to be used?
Robert J. Hansen
rjh at sixdemonbag.org
Thu Jul 12 06:33:17 CEST 2012
You're arguing two different contradictory things here:
> I'm not saying these attacks exist practically today against SHA1 (I
> don't know if they do), but collision-resistance is the relevant
> property, not resistance to pre-image attacks.
And then:
> The places where it is thoroughly "baked in" are the MDC (not relevant
> cryptographically) and the V4 fingerprint (where the relevant property
> is resistance to a preimage attack instead of resistance to generated
> collisions).
The relevant property can be resistance to preimage attack or it can be
collision resistance. Pick a property and argue it, please. :)
I am far more concerned about preimage attacks (which are the ultimate
game-over) than random collisions (which affect a smaller fraction of
the userbase). I'm not saying that random collisions are not troubling
in their own right.
> Where exactly has the original poster signed anything over an MD5 digest?
Refer to my subsequent message, where I backed off from that statement
and clarified I was referring to the fact that the poster was already
relying on the safety of SHA-1 -- and was just in denial about it.
If you believe SHA-1 is insecure and you want to avoid it at all costs,
you need to avoid OpenPGP.
More information about the Gnupg-users mailing list