Re: [openpgp] Fingerprints and their collisions resistance

2013-01-03 16:34:04
On 01/03/2013 01:03 AM, ianG wrote:
Now that SHA-3 is settled, it seems reasonable to clean out all of the


On another related point - have the MD numbers been allocated for SHA3
in its various guises?

In the process of writing such a draft I noticed that the only place in OpenPGP where SHA1 is used in a collision-resistance-sensitive way, without the possibility to change it, is fingerprints. For this reason OpenPGP fingerprints stand out, because these are the data structures that technically make (or soon will make) RFC 4880 non-compliant with recognized standards. I would separate the issue of fingerprints depending on known SHA1 weaknesses from any other task that can be categorized as "OpenPGP V5".

Speaking of the Keccak in OpenPGP draft, I thought that it would be important to gather the feeling about the path of fixing the fingerprints. These issues are more dependent than it seems. For example, if you have to use SHA-3-384 for fingerprints, it affects the decisions about SHOULDs for hashes elsewhere.

I have this Keccak in OpenPGP draft written, waiting for NIST to publish SHA-3 and the OIDs assigned.
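
For reference, an added example (not from the original message or from any OpenPGP implementation) of how a V4 fingerprint is computed under RFC 4880 section 12.2, showing that SHA-1 is fixed in the computation and no algorithm identifier accompanies the result. The RSA modulus, exponent and timestamp are constructed toy values, and calling `framed_digest` with any hash other than SHA-1 is a hypothetical illustration of the size change, not a specified fingerprint format.

```python
import hashlib
import struct


def mpi(n: int) -> bytes:
    """RFC 4880 section 3.2 MPI: 2-octet bit count, then big-endian magnitude."""
    bits = n.bit_length()
    return struct.pack(">H", bits) + n.to_bytes((bits + 7) // 8, "big")


def v4_rsa_pubkey_body(created: int, n: int, e: int) -> bytes:
    """Public-Key packet body (section 5.5.2): version 4, creation time,
    public-key algorithm 1 (RSA), then the MPIs n and e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)


def framed_digest(body: bytes, hash_name: str) -> bytes:
    """Hash 0x99 || 2-octet body length || body with the named digest.
    Only hash_name="sha1" corresponds to RFC 4880; anything else is hypothetical."""
    framed = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.new(hash_name, framed).digest()


def v4_fingerprint(body: bytes) -> bytes:
    """Section 12.2: the hash is always SHA-1. Nothing in the input or the
    20-octet output names the algorithm, so it cannot be negotiated."""
    return framed_digest(body, "sha1")


def key_id(fingerprint: bytes) -> bytes:
    """The Key ID is the low-order 64 bits of the V4 fingerprint."""
    return fingerprint[-8:]


# Constructed toy values, not a usable key.
TOY_N = (2**127 - 1) * (2**89 - 1)
TOY_E = 65537
TOY_CREATED = 1357230844

if __name__ == "__main__":
    body = v4_rsa_pubkey_body(TOY_CREATED, TOY_N, TOY_E)
    fpr = v4_fingerprint(body)
    print("V4 fingerprint (SHA-1, 160 bits):", fpr.hex().upper())
    print("Key ID (low 64 bits):            ", key_id(fpr).hex().upper())
    # Hypothetical: same framing with SHA-3-384, to show the length change only.
    alt = framed_digest(body, "sha3_384")
    print("Hypothetical SHA-3-384 digest:   ", len(alt) * 8, "bits")
```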
