-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings,
the recent breakthrough appears to apply to all
the MDx based hash algorithms.
while TIGER is not, i am told, it does not mean that
it is more secure, as it has not been subject to same
scrutiny as the MDx based hashes.
i believe that less is better, however, diversity
is a good thing, especially when the algorithms
are un-related. After all, this is the reason
why there are numerous algorithms in a crypto suite.
i am no expert of course, but it would be a cautious
thing to trim down the algorithms of similar ones
for the sake to complexity, and augment them with
dissimilar ones for the sake of hedging one's bet.
given the above a case for re-instating TIGER in openpgp
could be made.
hth
best regards
Imad R. Faiad
From: <vedaal(_at_)hush(_dot_)com>
Date: 2004/08/18 Wed PM 04:54:42 EAT
To: ietf-openpgp(_at_)imc(_dot_)org
Subject: re-consideration of TIGER
now that sha-0 has been broken,
and sha-1 is actively being looked at for a possible >extension of the
attack,
and MD5, HAVAL, and RIPEMD are also being attacked
http://eprint.iacr.org/2004/199.pdf)
would it be reasonable to re-accept the non-sha based >hashes, (e.g. TIGER)
as a potential backup hash for implementations/users >that may wish to
begin doing so?
vedaal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBI4HfyaCxfwAfoa0RArsFAKDluxCYvOajIuzKysqQ077RoRZ6vwCaA3TY
1IUieQzgGKZIca5hjkKrXFU=
=fjCn
-----END PGP SIGNATURE-----
replyAll
Description: null