Accidentally used SHA1
Robert J. Hansen
rjh at sixdemonbag.org
Fri Jul 1 20:33:32 CEST 2016
> Does using SHA1 in past make my key less secure or does this only make
> the signed message more prone to collision instead of key leak?
Definitely no to the first, and probably not to the second. SHA-1 is
weak in a theoretical sense, but we're nowhere near seeing preimage
attacks on it, which is what would have to happen for your message to be
susceptible to forgery.
We advise against SHA-1 out of an abundance of caution, not because it's
broken. The current attacks against SHA-1 are troubling but not
applicable to OpenPGP... *yet*. It's that "yet" which causes us to
advise using better hash algorithms. :)
More information about the Gnupg-users
mailing list