Slashdot Mirror

← Back to Stories (view on slashdot.org)

PGP Moving To Stronger SHA Algorithms

Posted by timothy on from the 511-upmanship dept.

PGP Corp. is moving to a stronger SHA Algorithm (SHA-256 and SHA-512) as consequence of the research conducted by the team at Shandong University in China who broke the SHA-1 algorithm. (See this earlier story for more information on the SHA-1 vulnerability.)

3 of 247 comments (clear)

  1. Re:What about GPG? by papercut2a · · Score: 5, Informative

    IIRC, GPG already allows SHA-256 and SHA-512, but doesn't default to them.

  2. Re:What about GPG? by papercut2a · · Score: 5, Informative

    Just to confirm, GPG 1.4 DOES support the more-bits versions of SHA. Run GPG with the --version parameter to get something like this for your copy:

    Supported algorithms:
    Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
    Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
    Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512
  3. Re:Not a solution by Anonymous Coward · · Score: 5, Informative
    As it turns out PGP (well, GPG) already has support for RIPEMD160 built in to it. To use this:
    gpg --clearsign --digest-algo RIPEMD160 foo.txt

    gpg -b --armor --digest-algo RIPEMD160 foo.tar.gz

    (First one: Clear signuatre; second one: detached signature)