Slashdot Mirror

← Back to Stories (view on slashdot.org)

Preparing To Migrate Off of SHA-1 In OpenPGP

Posted by kdawson on from the orderly-fashion dept.

jamie found a note on debian-administration.org, the first in a promised series on migrating off of SHA-1 in OpenPGP. "Last week at eurocrypt, a small group of researchers announced a fairly serious attack against the SHA-1 digest algorithm, which is used in many cryptosystems, including OpenPGP. The general consensus is that we should be 'moving in an orderly fashion toward the theater exits,' deprecating SHA-1 where possible with an eye toward abandoning it soon (one point of reference: US govt. federal agencies have been directed to cease all reliance on SHA-1 by the end of 2010, and this directive was issued before the latest results). ... So what can you do to help facilitate the move away from SHA-1? I'll outline three steps that current gpg users can do today, and then I'll walk through how to do each one..."

1 of 152 comments (clear)

  1. Re:2^52 by cheftw · · Score: 0, Flamebait

    but if my math is correct

    Actually it's wildly wrong;

    2^57 is way bigger than 144
    2^52 is also much bigger than four 4

    2^52 / 2^57 = 0,03125 = 3,125%
    ^none of those are equal

    you must be REALLY stupid

    --
    Always back up, never back down. ---- Think you're cool 'cos your uid is prime? Take mine, modulo the one digit integers