ietf-openpgp
[Top] [All Lists]

Re: SHA-1 broken

2005-02-17 03:40:30

On Thu, 17 Feb 2005 09:36:08 +0000 (UTC), Lutz Donnerhacke said:

Don't panic. This problem is already solved by allowing different
hash-algorithms in the packet format. As long as no detailed examination of

The fingerprint and the MDC both use SHA-1 hardwired.

We should really start thinking on how to switch to a different hash
algorithm.  The question is whether sha-256 is really that much more
secure.  From my understanding it has not been developed as a
replacement for SHA-1 but to meet the requirements of AES and to
extend DSA.


Salam-Shalom,

   Werner



<Prev in Thread] Current Thread [Next in Thread>