[Top] [All Lists]

Re: Hash Collision Shield (subpacket def)

2005-02-18 09:01:31

Rick van Rein wrote:

I think we should not do this for several reasons, but those reasons
don't matter much: we already have signature notations.

Indeed, that would be the other way of doing it.  The likeliness of
implementations actually using it is less if they are not confronted with
the technique though.  Is it an idea to add a bit under the notation data
section instead?  I'm volunteering.

If there is a way to do it already, then that
would be better than any changes.  We have
tried (ok, some of have tried) to take a razor
to OpenPGP and cut off many bows and frills.
Adding another little feature without a clear
need faces an uphill battle.

Adding a note that a notation packet could
be used as an anti-collision technique seems
like a fine idea.  As it's somewhat forward
thinking, I'm not sure where it would go tho,
possibly in the last section of security oddments?

Also, there is a discussion going on here:

where Craig Hughes / Dan Simon claim that
introducting random hashing increases collision
resistence, but at the expense of decreasing
other forms of resistence.

I could never agree to such a strong break in compatibility; also
because it would be an optional extension and lead to less complete
implementations breaking on it.

Yup!  It's really tough adding in little quirks
at this stage.


News and views on what matters in finance+crypto: