Re: [openpgp] Fingerprints and their collisions resistance

Andrey Jivsov <openpgp@brainhub.org> Thu, 03 January 2013 22:33 UTC

On 01/03/2013 01:03 AM, ianG wrote:
...
> Now that SHA-3 is settled, it seems reasonable to clean out all of the
> SHA-1s.
>
...
>
> On another related point - have the MD numbers been allocated for SHA3
> in its various guises?

In the process of writing such a draft I noticed that the only place in
OpenPGP where SHA1 is used in a collision-resistance-sensitive way, without
the possibility of changing it, is fingerprints. For this reason OpenPGP
fingerprints stand out, because these are the data structures that
technically make (or soon will make) RFC 4880 non-compliant with
recognized standards. I would separate the issue of fingerprints
depending on known SHA1 weaknesses from any other task that can be
categorized as "OpenPGP V5".

Speaking of the Keccak in OpenPGP draft, I thought that it would be
important to gather the feeling about the path of fixing the
fingerprints. These issues are more dependent than it seems. For example, if
you have to use SHA-3-384 for fingerprints, it affects the decisions
about SHOULDs for hashes elsewhere.

I have this Keccak in OpenPGP draft written, waiting for NIST to
publish SHA-3 and for the OIDs to be assigned.
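
An added illustration, not part of the original message or of any draft it mentions: the RFC 4880 V4 fingerprint computation, showing that SHA-1 is fixed by the format and that nothing in the hashed key packet names a hash algorithm. The key values are constructed, and `hypothetical_fingerprint` is an assumption used only to show the effect of swapping in SHA-3-384; it is not a defined OpenPGP format.

```python
import hashlib
import struct

def mpi(n: int) -> bytes:
    """OpenPGP multiprecision integer: 2-octet bit count, then big-endian value."""
    bits = n.bit_length()
    return struct.pack(">H", bits) + n.to_bytes((bits + 7) // 8, "big")

def v4_rsa_public_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a version 4 public-key packet for RSA (public-key algorithm ID 1)."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def fingerprint_input(body: bytes) -> bytes:
    """Octets hashed for a V4 fingerprint: 0x99, 2-octet body length, body."""
    return b"\x99" + struct.pack(">H", len(body)) + body

def v4_fingerprint(body: bytes) -> bytes:
    # RFC 4880 hard-wires SHA-1 here. The hashed data carries a public-key
    # algorithm ID but no hash algorithm ID, so there is no agility.
    return hashlib.sha1(fingerprint_input(body)).digest()

def key_id(fingerprint: bytes) -> bytes:
    """V4 key ID: the low-order 64 bits of the fingerprint."""
    return fingerprint[-8:]

def hypothetical_fingerprint(body: bytes, hash_name: str = "sha3_384") -> bytes:
    # Assumption for illustration only: same input octets, different hash.
    return hashlib.new(hash_name, fingerprint_input(body)).digest()

# Constructed sample values: a toy 1024-bit odd integer, not a usable RSA key.
SAMPLE_N = (1 << 1023) | 1
SAMPLE_E = 65537
SAMPLE_CREATED = 1357252424  # constructed timestamp
SAMPLE_BODY = v4_rsa_public_key_body(SAMPLE_CREATED, SAMPLE_N, SAMPLE_E)

if __name__ == "__main__":
    fpr = v4_fingerprint(SAMPLE_BODY)
    alt = hypothetical_fingerprint(SAMPLE_BODY)
    print("V4 fingerprint (SHA-1, 160 bits):", fpr.hex().upper())
    print("Key ID (low 64 bits):            ", key_id(fpr).hex().upper())
    print("Hypothetical SHA-3-384 (384 bits):", alt.hex().upper())
```

The output length changes from 20 to 48 octets with the hypothetical hash, which is why a fingerprint change touches anything that stores or truncates fingerprints, including key IDs.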