On 4/5/09 23:35, David Shaw wrote:
This does, of course, presume that all of our hashes for OpenPGP in the
future will generate an even number of bytes.
I like the idea.
But, I'm the one who favours aphorisms such as "there is only one mode,
and it is secure." Or, perhaps, "There is one cipher suite, and it is
numbered Number 1."
So I would be looking for SHA3 as the one and only thing that ever
hashes the publics, and bugger the rest. Algorithm agility is for the
birds. We would just need to agree how many even bytes to allocate to
the SHA3 for the next 4 decades.