Re: [openpgp] Fingerprints and their collisions resistance
Werner Koch <wk@gnupg.org> Thu, 03 January 2013 22:57 UTC
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C034421F8DD5 for <openpgp@ietfa.amsl.com>; Thu, 3 Jan 2013 14:57:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ooza8q55QvfP for <openpgp@ietfa.amsl.com>; Thu, 3 Jan 2013 14:57:23 -0800 (PST)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) by ietfa.amsl.com (Postfix) with ESMTP id 3F02521F8AA6 for <openpgp@ietf.org>; Thu, 3 Jan 2013 14:57:20 -0800 (PST)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.72 #1 (Debian)) id 1Tqtix-0000Kc-Ml for <openpgp@ietf.org>; Thu, 03 Jan 2013 23:57:19 +0100
Received: from wk by vigenere.g10code.de with local (Exim 4.77 #3 (Debian)) id 1TqtgH-0008SR-6r; Thu, 03 Jan 2013 23:54:33 +0100
From: Werner Koch <wk@gnupg.org>
To: Andrey Jivsov <openpgp@brainhub.org>
References: <50E530D6.6020609@brainhub.org> <D3684BB5-FDC6-4834-8FAE-C482A25E3FB0@callas.org> <50E5D6AA.6060200@brainhub.org>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: id=1E42B367; url=finger:wk@g10code.com
Date: Thu, 03 Jan 2013 23:54:33 +0100
In-Reply-To: <50E5D6AA.6060200@brainhub.org> (Andrey Jivsov's message of "Thu, 03 Jan 2013 11:06:18 -0800")
Message-ID: <874nixev2u.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: openpgp@ietf.org, Jon Callas <jon@callas.org>
Subject: Re: [openpgp] Fingerprints and their collisions resistance
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jan 2013 22:57:24 -0000
On Thu, 3 Jan 2013 20:06, openpgp@brainhub.org said: > AES or for regulatory reasons. 3 AES sizes exist for performance > reasons. I'd say for marketing reasons. > export/import control of encryption). Fingerptins are special data > structures because they are sometimes input by humans. Well, humans compare fingerprints but don't enter them. I doubt that I ever did this in the last 20 years. > Let's say we choose SHA-3-384, which is no more difficult to implement > than SHA-2. We then simply use the current fingerprint algorithm but Except that SHA-2 is already in use and has hardware support. > instead of SHA-1 use SHA-3-384. Then allow truncation of the output > (it's already implied by the 8 byte keyIDs). 20 byte fingerprint on a > business card may be reasonable, but we also would like to have full So why should we truncate the fingerprint? Is there a reason to believe that truncation to 160 bit of SHA-2 or SHA-3 is seriously more secure than SHA-1? I don't know. > strength for regulatory compliance. Consider not hashing the key > creation date. Fixing all the variables in this paragraph, we have the What would be the advantage of this except for yet another code path. > signed message, but I don't think they materially care about the > flavour of the fingerprint (as long as it's a "strong" one). They will care if a key suddenly comes with two different fingerprints. We never had this situation in OpenPGP. Recall how long it took to get rid of v3 keys. Thus if we want a new fingerprint algorithm we need to change more than just this. BTW, what about re-establishing the OpenPGP WG? Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
- [openpgp] Fingerprints and their collisions resis… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… Nicholas Cole
- Re: [openpgp] Fingerprints and their collisions r… Jon Callas
- Re: [openpgp] Fingerprints and their collisions r… Arturo 'Buanzo' Busleiman
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Tony Hansen
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Werner Koch
- Re: [openpgp] Fingerprints and their collisions r… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… Christian Aistleitner
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… jbar
- Re: [openpgp] Fingerprints and their collisions r… Christian Aistleitner
- Re: [openpgp] Fingerprints and their collisions r… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… Jon Callas
- Re: [openpgp] Fingerprints and their collisions r… Werner Koch
- Re: [openpgp] Fingerprints and their collisions r… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints and their collisions r… Jon Callas
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Werner Koch
- Re: [openpgp] Fingerprints and their collisions r… Werner Koch
- Re: [openpgp] Fingerprints and their collisions r… Bill Frantz
- Re: [openpgp] Fingerprints and their collisions r… Jon Callas
- Re: [openpgp] Fingerprints and their collisions r… Nicholas Cole
- Re: [openpgp] Fingerprints and their collisions r… ianG