Re: [Sam Hartman] Openpgp comments
nagydani@epointsystem.org (Daniel A. Nagy) Tue, 19 September 2006 23:14 UTC
Date: Wed, 20 Sep 2006 00:45:38 +0200
To: ietf-openpgp@imc.org

On Mon, Sep 18, 2006 at 10:33:32PM -0400, David Shaw wrote:
>
> On Mon, Sep 18, 2006 at 11:02:44AM -0400, Derek Atkins wrote:
>
> > The second issue is the encryption with integrity packet. Today this
> > is hard-wired to use SHA-1. That's not OK. We need an upgrade path
> > for that and I think we need to support SHA-256 now.
>
> Does the MDC actually need collision resistance? I was under the
> impression that (like the secret key "S2K 254" use of SHA-1) this was
> essentially a checksum and the recent attacks against SHA-1 did not
> apply.

I have just discussed this issue with my students at our cryptography seminar. The general consensus is that MDCs do not need collision resistance. Thus, SHA1 is secure with a huge security margin. The recent weakening of SHA1 means that finding a pre-image takes approx 2^138 attempts, which is still comfortably beyond reach for today's and tomorrow's technology.

Introducing longer hashes would make it slower, while not improving security. If you insist, I can provide the complete reasoning why collision-resistance is not required for MDC.

If anything, I would consider RIPEMD128, as it is faster than SHA1 and offers about the same level of security while being a bit shorter. But then again, there's no reason to mess with the standard as it is.

--
Daniel