Re: ASN.1 OID for TIGER/192

disastry@saiknes.lv Tue, 08 October 2002 08:08 UTC

Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA03125 for <openpgp-archive@lists.ietf.org>; Tue, 8 Oct 2002 04:08:03 -0400 (EDT)
Received: (from majordomo@localhost) by above.proper.com (8.11.6/8.11.3) id g9880aT16077 for ietf-openpgp-bks; Tue, 8 Oct 2002 01:00:36 -0700 (PDT)
Received: from hackserv.saiknes.lv (hackserv.klinkmann.lv [195.2.103.8]) by above.proper.com (8.11.6/8.11.3) with SMTP id g9880Xv16063 for <ietf-openpgp@imc.org>; Tue, 8 Oct 2002 01:00:34 -0700 (PDT)
Received: from saiknes.lv (unverified [195.2.103.8]) by hackserv.saiknes.lv (SMTPRCV 0.45) with SMTP id <B0001617490@hackserv.saiknes.lv>; Tue, 08 Oct 2002 09:55:01 0200
Message-ID: <3DA28F55.26D6C69D@saiknes.lv>
Date: Tue, 08 Oct 2002 09:55:01 +0200
From: disastry@saiknes.lv
X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
X-Accept-Language: en,lv,ru
MIME-Version: 1.0
To: ietf-openpgp@imc.org
Subject: Re: ASN.1 OID for TIGER/192
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Jon Callas wrote:
> I confess I am wondering why this is needed. Five years ago, we flirted with
> Tiger and Haval because you need wider hashes for better signatures.

but then HAVAL-5-160 was selected. I wonder why not 256..

> 192
> bits is a bit dodgy because it only gets you an effective strength of 96
> bits (over 80 bits for SHA-1).

> Today, we have all the wide SHAs in the
> suite, which balance with symmetric ciphers up to 256 bits of key size.
> Adding in TIGER/192 now seems like too little, too late. In 1998, this would
> have been great. In 2002 (pushing 2003), it's at best a yawn.
>
> In short, here's a pragmatic question I have: if I were making a signature
> today, and I thought that SHA-1 weren't big enough, why would I want to use
> TIGER/192 over SHA-{256|384|512}?

hmm..
it's faster (but it's weak argument)

> Without a good answer to that question, I don't see why it should be there.
> I'm even slightly sympathetic to people who think it and HAVAL should be
> removed. They've both been overtaken by events.
>     Jon

or replaced with HAVAL-5-256. I agree there is no need for 3rd 160bit hash,
but maybe alternate 256bit one...

__
Disastry  http://disastry.dhs.org/
http://disastry.dhs.org/pgp
 ^----PGP 2.6.3ia-multi06 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
      AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes)
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1

iQA/AwUBPaJzFzBaTVEuJQxkEQMzOACgo12QO17DjHe5xf4JnGK84AOl4KIAmQEy
92QuFIOzJpsHV96BPBTgwpL9
=Q2X9
-----END PGP SIGNATURE-----