RE: NIST publishes new DSA draft

"Anton Stiglic" <astiglic@okiok.com> Thu, 16 March 2006 15:08 UTC

From: Anton Stiglic <astiglic@okiok.com>
To: ietf-openpgp@imc.org
Subject: RE: NIST publishes new DSA draft
Date: Wed, 15 Mar 2006 21:40:01 -0500
In-Reply-To: <44182299.2010507@algroup.co.uk>
Message-Id: <20060316024648.7E6961683D3@mail.okiok.com>

I haven't participated in this list so far but I have been lurking here for
some time.

I agree with the phasing out of SHA1, as soon as possible!
Indeed there have been some vulnerabilities demonstrated, collisions on
arbitrary inputs (as this has already been discussed before, this is not as
strong an attack as a 2nd pre-image attack, which would directly affect digital
signatures based on SHA1 for example, but still an indication of weakness in
the hash algorithm).  Also, governments have plans to phase SHA1 out soon.
CSE in Canada plans to take it out of commission by 2008 for the protection
of certain types of information, see for example
http://www.cse-cst.gc.ca/services/crypto-services/crypto-algorithms-e.html

--Anton


