Re: NIST publishes new DSA draft
hal@finney.org ("Hal Finney") Tue, 14 March 2006 22:44 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FJIFO-0006kQ-E7 for openpgp-archive@lists.ietf.org; Tue, 14 Mar 2006 17:44:10 -0500
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FJIFN-0008LF-1i for openpgp-archive@lists.ietf.org; Tue, 14 Mar 2006 17:44:10 -0500
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k2EME6Hd016364; Tue, 14 Mar 2006 15:14:06 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k2EME6hv016363; Tue, 14 Mar 2006 15:14:06 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from finney.org (226-132.adsl2.netlojix.net [207.71.226.132]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k2EME3Sm016356 for <ietf-openpgp@imc.org>; Tue, 14 Mar 2006 15:14:06 -0700 (MST) (envelope-from hal@finney.org)
Received: by finney.org (Postfix, from userid 500) id 38E3857FB0; Tue, 14 Mar 2006 14:19:59 -0800 (PST)
To: james.couzens@electricmail.com
Subject: Re: NIST publishes new DSA draft
Cc: ietf-openpgp@imc.org
Message-Id: <20060314221959.38E3857FB0@finney.org>
Date: Tue, 14 Mar 2006 14:19:59 -0800
From: hal@finney.org
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 538aad3a3c4f01d8b6a6477ca4248793
Hi, James - I'm afraid you are off by a year on that. Those reports were from 2005, not 2006. They have been intensively discussed here and elsewhere in the cryptographic community. Indeed, those findings are a good part of why I was proposing making SHA-256 a MUST, along with the fact that this hash will now be able to be used with DSS signatures. Hal Finney > > We might want to think about making SHA-256 be another MUST algorithm. > > The only MUST hash now is SHA-1. Making SHA-256 be a MUST would make > > these new key sizes be more useful, and also give us an easier fallback > > if SHA-1 should be broken. > > SHA-1 was broken, last month by three Chinese cryptographers as reported > by Bruce Schneier through is website. On February 15, 2006 he wrote of > a new cryptographic result, an attack faster than brute-force against > SHA-1. Two days later he wrote an update to his original post and a > quote from within it: > > > Earlier this week, three Chinese cryptographers showed that SHA-1 is not > > collision-free. That is, they developed an algorithm for finding collisions > > faster than brute force. > > > > ... > > > > They can find collisions in SHA-1 in 2^69 calculations, about 2,000 times > > faster than brute force. Right now, that is just on the far edge of > > feasibility with current technology. Two comparable massive computations > > illustrate that point. > > Reference URL (02/18/2006): http://tinyurl.com/4rl78 > Original post (02/15/2006): http://tinyurl.com/4bmcc > > With respect to your suggestion about thinking about making SHA-256 a MUST > algorithm I couldn't agree more. > > Cheers, > > James > > -- > James Couzens, > Programmer > ___ __ __ ___ > | __| \/ |/ __| The Electric Mail Company > | _|| |\/| | (__ Managed, Secure Email Services > |___|_| |_|\___| http://www.electricmail.com > Direct Line: 604.482.1111 x152 > -------------------------------------------------- > PGP Key Fingerprint: > B2EF B741 1807 2F24 8B70 F89B 03D2 6CFF C52F 0052
- NIST publishes new DSA draft David Shaw
- Re: NIST publishes new DSA draft "Hal Finney"
- Re: NIST publishes new DSA draft James Couzens
- Re: NIST publishes new DSA draft "Hal Finney"
- Re: NIST publishes new DSA draft James Couzens
- Re: NIST publishes new DSA draft "Hal Finney"
- Re: NIST publishes new DSA draft Ian Grigg
- Re: NIST publishes new DSA draft Werner Koch
- Re: NIST publishes new DSA draft Ben Laurie
- Re: NIST publishes new DSA draft Ben Laurie
- Re: NIST publishes new DSA draft vedaal
- RE: NIST publishes new DSA draft Anton Stiglic
- Re: NIST publishes new DSA draft David Shaw
- Re: NIST publishes new DSA draft "Hal Finney"
- Re: NIST publishes new DSA draft David Shaw
- Re: NIST publishes new DSA draft Ian G
- Re: NIST publishes new DSA draft Werner Koch
- Re: NIST publishes new DSA draft David Shaw
- Re: NIST publishes new DSA draft Jon Callas
- Re: NIST publishes new DSA draft Jon Callas
- Re: NIST publishes new DSA draft Ian G
- Re: NIST publishes new DSA draft David Shaw
- Re: NIST publishes new DSA draft Tony Hansen
- Re: NIST publishes new DSA draft David Shaw
- Re: NIST publishes new DSA draft Ben Laurie
- Re: NIST publishes new DSA draft Jon Callas
- Re: NIST publishes new DSA draft Jon Callas
- Re: NIST publishes new DSA draft Ben Laurie
- Re: NIST publishes new DSA draft Jon Callas