Re: ASN.1 OID for TIGER/192

David Hopwood <> Tue, 01 October 2002 20:41 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id QAA04429 for <>; Tue, 1 Oct 2002 16:41:05 -0400 (EDT)
Received: (from majordomo@localhost) by (8.11.6/8.11.3) id g91KO8h01081 for ietf-openpgp-bks; Tue, 1 Oct 2002 13:24:08 -0700 (PDT)
Received: from ( []) by (8.11.6/8.11.3) with ESMTP id g91KO4v01075 for <>; Tue, 1 Oct 2002 13:24:05 -0700 (PDT)
Received: from ([] by with esmtp (Exim 3.35 #1 (Debian)) id 17wTYg-0004pC-00 for <>; Tue, 01 Oct 2002 21:23:54 +0100
Received: from ( []) by (8.11.3/8.11.3/Debian 8.11.2-1) with ESMTP id g91KNol04586 for <>; Tue, 1 Oct 2002 21:23:52 +0100
Message-ID: <>
Date: Tue, 01 Oct 2002 21:20:24 +0000
From: David Hopwood <>
X-Mailer: Mozilla 4.7 [en] (WinNT; I)
X-Accept-Language: en-GB,en,fr-FR,fr,de-DE,de,ru
MIME-Version: 1.0
Subject: Re: ASN.1 OID for TIGER/192
References: <>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-Archive: <>
List-Unsubscribe: <>
List-ID: <>
Content-Transfer-Encoding: 7bit


David Shaw wrote:
> In 2440 and in all the 2440bis drafts, the TIGER/192 hash is not fully
> usable as it has no OID.  Werner Koch and I, with the cooperation of
> TIGER's authors, recently arranged an OID for it:

I hope that is only the OID for Tiger-192 with 3 passes (as used by OpenPGP),
not Tiger in general. SHA-256, SHA-384 and SHA-512, for example, have
separate OIDs.

> It would be good to put this in 2440bis so TIGER will be usable.

Note the potential problems with the Tiger specification and test vectors
described here:

> I have a sneaking suspicion that this may raise the question whether
> TIGER should be in the standard at all, as so long as it did not have
> an OID, the question was moot.  I have no strong feelings on this
> point, but if we are not going to allow the use of TIGER, then perhaps
> we should remove it from the standard altogether or explicitly
> disallow its use as the current halfway state is confusing now that
> there is an OID available.

I agree, and the same applies to HAVAL. However, my vote is to remove both
Tiger and HAVAL; there's no reason to believe they have any security or
other advantages over the other supported hashes.

- -- 
David Hopwood <>;

Home page & PGP public key:
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see

Version: 2.6.3i
Charset: noconv