Re: ASN.1 OID for TIGER/192
disastry@saiknes.lv Tue, 08 October 2002 08:08 UTC
Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA03125 for <openpgp-archive@lists.ietf.org>; Tue, 8 Oct 2002 04:08:03 -0400 (EDT)
Received: (from majordomo@localhost) by above.proper.com (8.11.6/8.11.3) id g9880aT16077 for ietf-openpgp-bks; Tue, 8 Oct 2002 01:00:36 -0700 (PDT)
Received: from hackserv.saiknes.lv (hackserv.klinkmann.lv [195.2.103.8]) by above.proper.com (8.11.6/8.11.3) with SMTP id g9880Xv16063 for <ietf-openpgp@imc.org>; Tue, 8 Oct 2002 01:00:34 -0700 (PDT)
Received: from saiknes.lv (unverified [195.2.103.8]) by hackserv.saiknes.lv (SMTPRCV 0.45) with SMTP id <B0001617490@hackserv.saiknes.lv>; Tue, 08 Oct 2002 09:55:01 0200
Message-ID: <3DA28F55.26D6C69D@saiknes.lv>
Date: Tue, 08 Oct 2002 09:55:01 +0200
From: disastry@saiknes.lv
X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
X-Accept-Language: en,lv,ru
MIME-Version: 1.0
To: ietf-openpgp@imc.org
Subject: Re: ASN.1 OID for TIGER/192
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Jon Callas wrote: > I confess I am wondering why this is needed. Five years ago, we flirted with > Tiger and Haval because you need wider hashes for better signatures. but then HAVAL-5-160 was selected. I wonder why not 256.. > 192 > bits is a bit dodgy because it only gets you an effective strength of 96 > bits (over 80 bits for SHA-1). > Today, we have all the wide SHAs in the > suite, which balance with symmetric ciphers up to 256 bits of key size. > Adding in TIGER/192 now seems like too little, too late. In 1998, this would > have been great. In 2002 (pushing 2003), it's at best a yawn. > > In short, here's a pragmatic question I have: if I were making a signature > today, and I thought that SHA-1 weren't big enough, why would I want to use > TIGER/192 over SHA-{256|384|512}? hmm.. it's faster (but it's weak argument) > Without a good answer to that question, I don't see why it should be there. > I'm even slightly sympathetic to people who think it and HAVAL should be > removed. They've both been overtaken by events. > Jon or replaced with HAVAL-5-256. I agree there is no need for 3rd 160bit hash, but maybe alternate 256bit one... __ Disastry http://disastry.dhs.org/ http://disastry.dhs.org/pgp ^----PGP 2.6.3ia-multi06 (supports IDEA, CAST5, BLOWFISH, TWOFISH, AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes) -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1 iQA/AwUBPaJzFzBaTVEuJQxkEQMzOACgo12QO17DjHe5xf4JnGK84AOl4KIAmQEy 92QuFIOzJpsHV96BPBTgwpL9 =Q2X9 -----END PGP SIGNATURE-----
- ASN.1 OID for TIGER/192 David Shaw
- Re: ASN.1 OID for TIGER/192 Brian M. Carlson
- Re: ASN.1 OID for TIGER/192 disastry
- Re: ASN.1 OID for TIGER/192 Werner Koch
- Re: ASN.1 OID for TIGER/192 David Shaw
- Re: ASN.1 OID for TIGER/192 Derek Atkins
- Re: ASN.1 OID for TIGER/192 David Shaw
- Re: ASN.1 OID for TIGER/192 David Hopwood
- Re: ASN.1 OID for TIGER/192 Jon Callas
- Re: ASN.1 OID for TIGER/192 disastry