Re: SHA-1 broken2005-02-17 15:06:45My feeling is that a key fingerprint is the *least* of the things that are in danger from a SHA-1 break. A key fingerprint is little more than a hash of the key material, the creation time, and a few constants. There's very little place in there to manufacture a collision. Fingerprints need little more than one-way-ness. Furthermore, it is imperative that a fingerprint be short. The whole reason for having them is that they are short. All the things you want a fingerprint for require it being short. Twenty bytes is plenty long enough for one. Otherwise just get rid of the fingerprint and just write down the key. Jon
|
|