Re: [openpgp] Version 5 key and fingerprint proposal

Vincent Breitmoser <look@my.amazin.horse> Thu, 09 March 2017 12:41 UTC

Date: Thu, 09 Mar 2017 13:41:10 +0100
From: Vincent Breitmoser <look@my.amazin.horse>
To: openpgp@ietf.org
Message-ID: <20170309124110.2t3nciyq2lqjjrk7@calamity>
References: <87varlou5m.fsf@wheatstone.g10code.de> <20170307230605.GA2@hashbang.sh> <87efy8ntcx.fsf@wheatstone.g10code.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <87efy8ntcx.fsf@wheatstone.g10code.de>
User-Agent: NeoMutt/20170113 (1.7.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/s-tksAFUmPrCt4uWpHdoePKXXdg>
Subject: Re: [openpgp] Version 5 key and fingerprint proposal
Precedence: list

> > Also, but I likely missed the relevant WG thread, why truncate the
> > fingerprint to 200 bits? (Not that this is likely an issue.)
> 
> That was a suggestion from the Berlin meeting.

Can you (or someone else) give some more insight on the requirements
that were identified as a basis for this suggestion?

The SHA-3 contest reaffirmed that SHA-2 is doing just fine in terms of
cryptanalysis, so 160 bits truncated SHA-2 would be just fine even if we
consider strong collision resistance a requirement. But we had this
topic before, and from what I remember noone was able to come up with an
attack scenario where a collision would be useful in any way. Still the
idea now is to add another 40 bits on top?

 - V

[openpgp] Version 5 key and fingerprint proposal Werner Koch
Re: [openpgp] Version 5 key and fingerprint propo… KellerFuchs
Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
Re: [openpgp] Version 5 key and fingerprint propo… Vincent Breitmoser
Re: [openpgp] Version 5 key and fingerprint propo… KellerFuchs
Re: [openpgp] Version 5 key and fingerprint propo… KellerFuchs
Re: [openpgp] Version 5 key and fingerprint propo… Eric Rescorla
Re: [openpgp] Version 5 key and fingerprint propo… Jon Callas
Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
Re: [openpgp] Version 5 key and fingerprint propo… Jon Callas
Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
Re: [openpgp] Version 5 key and fingerprint propo… Thijs van Dijk
Re: [openpgp] Version 5 key and fingerprint propo… Peter Todd
Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
Re: [openpgp] Version 5 key and fingerprint propo… Peter Todd
Re: [openpgp] Version 5 key and fingerprint propo… Thijs van Dijk
Re: [openpgp] Version 5 key and fingerprint propo… Derek Atkins
Re: [openpgp] Version 5 key and fingerprint propo… Peter Todd
Re: [openpgp] Version 5 key and fingerprint propo… HANSEN, TONY L
Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
Re: [openpgp] Version 5 key and fingerprint propo… Peter Gutmann
Re: [openpgp] Version 5 key and fingerprint propo… brian m. carlson
Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
Re: [openpgp] Version 5 key and fingerprint propo… Jon Callas
Re: [openpgp] Version 5 key and fingerprint propo… Derek Atkins
Re: [openpgp] Version 5 key and fingerprint propo… Ben McGinnes
Re: [openpgp] Version 5 key and fingerprint propo… Vincent Breitmoser
Re: [openpgp] Version 5 key and fingerprint propo… brian m. carlson