Moving away from SHA-1

Per Tunedal per.tunedal at operamail.com
Tue Feb 11 09:10:32 CET 2014


Hi,
GnuPG, as OpenPGP compliant, relies heavily on the near broken hash
algorithm SHA-1. Is there any work in progress to move to a more secure
hash algorithm?

When SHA-1 falls, GnuPG will otherwise be completely broken as internal
key signatures, as well signatures of public keys from others and the
fingerprint rely on SHA-1 hashes.

Yours,
Per Tunedal



More information about the Gnupg-users mailing list