ietf-openpgp
[Top] [All Lists]

Re: [openpgp] V5 Fingerprint again

2017-03-01 14:02:53
On Wed,  1 Mar 2017 18:30, phill(_at_)hallambaker(_dot_)com said:

The issue we are seeing the the SHA-1 break is that a LOT of software is
based on the assumption that SHA-1 is unique. And this is causing software
to crash in real world applications.

It is not an issue for us because we are not affected by a collision
attacks and signatures are anyway done for quite some time using SHA-2.

The proposal we made in Berlin was to use use SHA-256 truncated to 25
octets for the new v5 key format.  Unfortunately I have been too busy to
push this forward but it is now on my short list.

The rationale for SHA-256 is that it is faster on small systems and
anyway needed for backward compatibility with existing RSA signatures.

Truncating from 32 to 25 octets allows for easy human fingerprint
verification and also to keep the size of signatures small (note that we
now include the fingerprint in the signatures for easy public key
lookup).

The proposal I made introduces a context into the fingerprint so that
S/MIME, OpenPGP, etc. can all use the same fingerprint format without

Unfortunately your proposal diverts heavily from the existing standard
and would thus not be an easy change.  Recall that a OpenPGP is used by
small device and thus we need to have an easy migration path towards a
v5 key.  The proposal also adds a textual representation format which
has always been out of scope in OpenPGP.



Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Attachment: pgpZbLlagVoX4.pgp
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
<Prev in Thread] Current Thread [Next in Thread>