IETF Logo Mail Archive

Re: [openpgp] Fingerprints and their collisions resistance

Tony Hansen <tony@att.com> Thu, 03 January 2013 19:26 UTC

Return-Path: <tony@att.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E679521F86C0 for <openpgp@ietfa.amsl.com>; Thu, 3 Jan 2013 11:26:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rCK+m-DA8jKt for <openpgp@ietfa.amsl.com>; Thu, 3 Jan 2013 11:26:49 -0800 (PST)
Received: from nbfkord-smmo08.seg.att.com (nbfkord-smmo08.seg.att.com [209.65.160.95]) by ietfa.amsl.com (Postfix) with ESMTP id 4829721F86A2 for <openpgp@ietf.org>; Thu, 3 Jan 2013 11:26:49 -0800 (PST)
Received: from unknown [144.160.20.145] (EHLO mlpd192.enaf.sfdc.sbc.com) by nbfkord-smmo08.seg.att.com(mxl_mta-6.11.0-12) over TLS secured channel with ESMTP id 87bd5e05.0.1260417.00-426.3473883.nbfkord-smmo08.seg.att.com (envelope-from <tony@att.com>); Thu, 03 Jan 2013 19:26:49 +0000 (UTC)
X-MXL-Hash: 50e5db794988ea42-7795238488dabaaee51789477a2e125a863c61d6
Received: from enaf.sfdc.sbc.com (localhost.localdomain [127.0.0.1]) by mlpd192.enaf.sfdc.sbc.com (8.14.5/8.14.5) with ESMTP id r03JQm9C018756 for <openpgp@ietf.org>; Thu, 3 Jan 2013 14:26:48 -0500
Received: from sflint01.pst.cso.att.com (sflint01.pst.cso.att.com [144.154.234.228]) by mlpd192.enaf.sfdc.sbc.com (8.14.5/8.14.5) with ESMTP id r03JQgTB018602 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <openpgp@ietf.org>; Thu, 3 Jan 2013 14:26:45 -0500
Received: from alpd052.aldc.att.com (alpd052.aldc.att.com [130.8.42.31]) by sflint01.pst.cso.att.com (RSA Interceptor) for <openpgp@ietf.org>; Thu, 3 Jan 2013 14:26:24 -0500
Received: from aldc.att.com (localhost.localdomain [127.0.0.1]) by alpd052.aldc.att.com (8.14.4/8.14.4) with ESMTP id r03JQMPQ003402 for <openpgp@ietf.org>; Thu, 3 Jan 2013 14:26:22 -0500
Received: from dns.maillennium.att.com (maillennium.att.com [135.25.114.99]) by alpd052.aldc.att.com (8.14.4/8.14.4) with ESMTP id r03JQI1Q003278 for <openpgp@ietf.org>; Thu, 3 Jan 2013 14:26:18 -0500
Received: from [135.91.110.142] (dn135-91-110-142.dhcpn.ugn.att.com[135.91.110.142]) by maillennium.att.com (mailgw1) with ESMTP id <20130103192550gw100632g9e> (Authid: tony); Thu, 3 Jan 2013 19:25:51 +0000
X-Originating-IP: [135.91.110.142]
Message-ID: <50E5DB59.9090109@att.com>
Date: Thu, 03 Jan 2013 14:26:17 -0500
From: Tony Hansen <tony@att.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: openpgp@ietf.org
References: <50E530D6.6020609@brainhub.org> <CAAu18hc87Qe3d0mCxzw5CpPRWv3i2YmZCB42sttRyyOtFD2jDw@mail.gmail.com>
In-Reply-To: <CAAu18hc87Qe3d0mCxzw5CpPRWv3i2YmZCB42sttRyyOtFD2jDw@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-RSA-Inspected: yes
X-RSA-Classifications: public
X-Spam: [F=0.2000000000; CM=0.500; S=0.200(2010122901)]
X-MAIL-FROM: <tony@att.com>
X-SOURCE-IP: [144.160.20.145]
X-AnalysisOut: [v=2.0 cv=D4rw3Itj c=1 sm=0 a=ZRNLZ4dFUbCvG8UMqPvVAA==:17 a]
X-AnalysisOut: [=kKemRe_CjxUA:10 a=PJtIR_1cTkwA:10 a=3DrfuPucC9MA:10 a=ofM]
X-AnalysisOut: [gfj31e3cA:10 a=BLceEmwcHowA:10 a=8nJEP1OIZ-IA:10 a=zQP7CpK]
X-AnalysisOut: [OAAAA:8 a=6qorCaAYhBoA:10 a=Dzt918kYCTuIse52W7wA:9 a=wPNLv]
X-AnalysisOut: [fGTeEIA:10 a=Hz7IrDYlS0cA:10]
Subject: Re: [openpgp] Fingerprints and their collisions resistance
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jan 2013 19:26:50 -0000

On 1/3/2013 4:33 AM, Nicholas Cole wrote:
> One issue with SHA-3 is that the fingerprints are going to be very 
> long.  How should these be displayed to the user?  Hex strings seem 
> unsuitable for this task, and I think any new standard should 
> recommend that fingerprints be displayed in some other way - probably 
> using a different base.

SHA3 is defined for a variety of hash sizes. Using SHA3 does not imply a 
long fingerprint.

     Tony Hansen
     tony@att.com

v2.23.0 | Report a Bug | By Email