Re: ASN.1 OID for TIGER/192 Tue, 08 October 2002 08:08 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id EAA03125 for <>; Tue, 8 Oct 2002 04:08:03 -0400 (EDT)
Received: (from majordomo@localhost) by (8.11.6/8.11.3) id g9880aT16077 for ietf-openpgp-bks; Tue, 8 Oct 2002 01:00:36 -0700 (PDT)
Received: from ( []) by (8.11.6/8.11.3) with SMTP id g9880Xv16063 for <>; Tue, 8 Oct 2002 01:00:34 -0700 (PDT)
Received: from (unverified []) by (SMTPRCV 0.45) with SMTP id <>; Tue, 08 Oct 2002 09:55:01 0200
Message-ID: <>
Date: Tue, 08 Oct 2002 09:55:01 +0200
X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
X-Accept-Language: en,lv,ru
MIME-Version: 1.0
Subject: Re: ASN.1 OID for TIGER/192
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-Archive: <>
List-Unsubscribe: <>
List-ID: <>
Content-Transfer-Encoding: 7bit

Hash: RIPEMD160

Jon Callas wrote:
> I confess I am wondering why this is needed. Five years ago, we flirted with
> Tiger and Haval because you need wider hashes for better signatures.

but then HAVAL-5-160 was selected. I wonder why not 256..

> 192
> bits is a bit dodgy because it only gets you an effective strength of 96
> bits (over 80 bits for SHA-1).

> Today, we have all the wide SHAs in the
> suite, which balance with symmetric ciphers up to 256 bits of key size.
> Adding in TIGER/192 now seems like too little, too late. In 1998, this would
> have been great. In 2002 (pushing 2003), it's at best a yawn.
> In short, here's a pragmatic question I have: if I were making a signature
> today, and I thought that SHA-1 weren't big enough, why would I want to use
> TIGER/192 over SHA-{256|384|512}?

it's faster (but it's weak argument)

> Without a good answer to that question, I don't see why it should be there.
> I'm even slightly sympathetic to people who think it and HAVAL should be
> removed. They've both been overtaken by events.
>     Jon

or replaced with HAVAL-5-256. I agree there is no need for 3rd 160bit hash,
but maybe alternate 256bit one...

 ^----PGP 2.6.3ia-multi06 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
      AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes)
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1