[Top] [All Lists]

Re: [openpgp] Fingerprints and their collisions resistance

2013-01-05 14:00:36
I think that along with just parameterizing a fingerprint, it's best not to 
assume that they are unique. Obviously, there are a few places where we assume 
they are, and those are the flies in that particular ointment (for example, 
designated revokers). But that's not hard to deal with. It's not (in general) 
exposed to humans, so you can make it be a hash as long as you want.

For human use, any reasonable hash function will do, and that even includes 
SHA-1. (While it has been estimated that one can construct a collision with 
2^51 work, that's not the same as constructing a second-preimage collision.) 
For any crypto operation, a fingerprint collision isn't going to lead to crypto 
interoperability -- and this is why the 64-bit key id isn't a problem.


openpgp mailing list