IETF Logo Mail Archive

Re: NIST publishes new DSA draft

Ben Laurie <ben@algroup.co.uk> Sun, 26 March 2006 11:43 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FNTeL-0000Iw-FP for openpgp-archive@lists.ietf.org; Sun, 26 Mar 2006 06:43:13 -0500
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FNTeK-0004rF-3e for openpgp-archive@lists.ietf.org; Sun, 26 Mar 2006 06:43:13 -0500
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k2QBEQF2020808; Sun, 26 Mar 2006 04:14:27 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k2QBEQpV020807; Sun, 26 Mar 2006 04:14:26 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from mail.links.org (mail.links.org [217.155.92.109]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k2QBEPKX020800 for <ietf-openpgp@imc.org>; Sun, 26 Mar 2006 04:14:26 -0700 (MST) (envelope-from ben@algroup.co.uk)
Received: from [193.133.15.218] (localhost [127.0.0.1]) by mail.links.org (Postfix) with ESMTP id 15BF233C1C; Sun, 26 Mar 2006 12:14:24 +0100 (BST)
Message-ID: <44267719.1060302@algroup.co.uk>
Date: Sun, 26 Mar 2006 12:12:25 +0100
From: Ben Laurie <ben@algroup.co.uk>
User-Agent: Thunderbird 1.5 (Windows/20051201)
MIME-Version: 1.0
To: Jon Callas <jon@callas.org>
CC: OpenPGP <ietf-openpgp@imc.org>
Subject: Re: NIST publishes new DSA draft
References: <20060314194447.4D59A57FB0@finney.org> <20060316192823.GA9945@jabberwocky.com> <441ACF45.704@systemics.com> <87fylhdq36.fsf@wheatstone.g10code.de> <20060317174937.GC13241@jabberwocky.com> <3C3EAEDD-7724-4E92-AA3C-49B5B2E6F3F9@callas.org>
In-Reply-To: <3C3EAEDD-7724-4E92-AA3C-49B5B2E6F3F9@callas.org>
X-Enigmail-Version: 0.93.0.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17

Jon Callas wrote:
> 
> I think we ought to keep it with the same algorithm number.
> 
> I'm happy to put in SHA-224 (meaning it's trivial work), but I don't
> like it, myself. The reason is that SHA-224 is really a truncated
> SHA-256. Thus, it has no advantages over SHA-256 except being smaller by
> 32-bits with 112 bits of security. The reason it exists at all is for
> crypto-balance with 2-key 3DES (which is not TDEA), which we don't allow
> at all.

<pedantic>

3-key DES also has a strength of 112 bits.

</pedantic>

> I don't think we should have it as it goes against our
> principles of wanting a minimum of 128-bits of security in OpenPGP.
> (Yes, yes, I know that SHA-1 doesn't meet this either, but until
> SHA-256, we didn't have many options. That doesn't mean the principle is
> wrong; we *have* options.)
> 
>     Jon
> 
> 


-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

v2.23.0 | Report a Bug | By Email