On Mar 20, 2010, at 11:40 PM, Faramir wrote:

> Another thing to consider is that SHA is not as safe as it used to be, and
> if it becomes easily crackable, signatures issued using SHA can become
> unsafe. So maybe you'd like to use SHA-256 instead of SHA-128. If I'm
> not wrong, you would need to add the following lines to your gpg.conf
> file, before generating your key:
> s2k-digest-algo SHA256
> cert-digest-algo SHA256
> 
> The first line tells gnupg to use SHA-256 instead of SHA-1 to mangle the
> passphrases. I don't really know what that mangling thing is, but if the
> idea is to replace SHA-1 with SHA-256, it can be useful. (I have a bad
> feeling about telling other people to use that line).

It's what GnuPG uses (in combination with a few other things) to convert your 
typeable-by-a-human passphrase into the symmetric key used to encrypt the 
secret key: S2K stands for "String to Key".  It's okay to use SHA-256 here, but 
note that it means you might have problems moving your secret key to a 
different program that doesn't support SHA-256.  There aren't a vast number of 
current programs that don't support SHA-256 these days, but there are some 
pretty old installations out there.

Incidentally, you don't have to set s2k-digest-algo before you generate your 
key.  If you want to "upgrade" an existing key passphrase so it is mangled via 
SHA-256, just set the s2k-digest-algo and change the passphrase (you can even 
change it to what it is currently set to - it's the change at all that causes 
the passphrase to be remangled).

A somewhat larger risk here is that the s2k-digest-algo also applies to 
symmetrically encrypted data (i.e. gpg --symmetric).  You need to make sure 
your recipient can handle it before using it.

> The second line tells gnupg to use SHA-256 instead of SHA-1 for signing
> other keys.

And also your own key (in the self-signatures that contain the preferences and 
other key items).

> But beware, older implementations of PGP maybe won't be able to read
> SHA-256 (but probably, these implementations are outdated).

Yes, they are outdated, but they do exist.  How common they are depends on your 
community.  If you're talking about the open-source community or people on this 
list, for example, I'd be surprised to see more than a small number.  If you're 
talking about code that was installed a while back, then you'd likely see more 
that can't handle it.

David
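
As an added illustration (not part of the original thread, and not GnuPG's own code): the two settings discussed above change which digest algorithm ends up recorded in the key material, and the place to confirm the effect is `gpg --list-packets`. The script below is a small checker that reads that output and reports, for each secret key packet, the S2K hash used to mangle the passphrase, and for each signature packet, the digest algorithm used, flagging MD5 and SHA-1. The sample output embedded in it is constructed for the example, and the line formats it matches (`iter+salt S2K, ... hash: N` on secret key packets, `digest algo N` on signature packets) are assumptions based on the `--list-packets` output of GnuPG of that era; `HASH_ALGOS` follows the OpenPGP hash algorithm IDs in RFC 4880, section 9.4.

```python
import re

# OpenPGP hash algorithm IDs (RFC 4880, section 9.4).
HASH_ALGOS = {
    1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
    9: "SHA384", 10: "SHA512", 11: "SHA224",
}
WEAK_HASHES = {"MD5", "SHA1"}

# Constructed sample in the style of `gpg --list-packets` (format assumed):
# a secret key whose passphrase was mangled with SHA-1 (S2K hash 2), a
# self-signature made with SHA-1 (digest algo 2), and a certification of
# another key made with SHA-256 (digest algo 8).
SAMPLE = """\
:secret key packet:
\tversion 4, algo 1, created 1269153600, expires 0
\tpkey[0]: [2048 bits]
\tpkey[1]: [17 bits]
\titer+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: 0011223344556677
\tprotect count: 65536 (96)
:user ID packet: "Example User <user@example.org>"
:signature packet: algo 1, keyid 0123456789ABCDEF
\tversion 4, created 1269153600, md5len 0, sigclass 0x13
\tdigest algo 2, begin of digest ab cd
:signature packet: algo 1, keyid FEDCBA9876543210
\tversion 4, created 1269240000, md5len 0, sigclass 0x10
\tdigest algo 8, begin of digest 12 34
"""

SIG_HDR = re.compile(r":signature packet: algo (\d+), keyid ([0-9A-Fa-f]+)")


def parse_list_packets(text):
    """Walk `gpg --list-packets` output and collect, per packet, the digest
    algorithm it depends on: 'digest algo' on signature packets, 'hash:' on
    the S2K line of secret key packets. Returns a list of dicts."""
    findings = []
    current = None
    for line in text.splitlines():
        if line.startswith(":"):
            # A new packet header: flush whatever we were collecting.
            if current:
                findings.append(current)
            current = None
            m = SIG_HDR.match(line)
            if m:
                current = {"packet": "signature", "keyid": m.group(2)}
            elif line.startswith((":secret key packet:",
                                  ":secret sub key packet:")):
                current = {"packet": "secret key"}
            continue
        if current is None:
            continue  # body line of a packet we do not care about
        body = line.strip()
        m = re.search(r"sigclass 0x([0-9a-fA-F]+)", body)
        if m:
            current["sigclass"] = int(m.group(1), 16)
        m = re.search(r"digest algo (\d+)", body)
        if m and current["packet"] == "signature":
            current["hash_id"] = int(m.group(1))
        m = re.search(r"S2K.*hash: (\d+)", body)
        if m and current["packet"] == "secret key":
            current["hash_id"] = int(m.group(1))
    if current:
        findings.append(current)
    for f in findings:
        f["hash"] = HASH_ALGOS.get(f.get("hash_id"),
                                   "unknown(%s)" % f.get("hash_id"))
        f["weak"] = f["hash"] in WEAK_HASHES
    return findings


def weak_packets(text):
    """Only the packets still relying on MD5 or SHA-1."""
    return [f for f in parse_list_packets(text) if f["weak"]]


if __name__ == "__main__":
    for f in parse_list_packets(SAMPLE):
        flag = "WEAK" if f["weak"] else "ok"
        print("%-10s %-16s %s %s" % (f["packet"], f.get("keyid", "-"),
                                     f["hash"], flag))
```

To run it against a real key, pipe `gpg --export-secret-keys KEYID | gpg --list-packets` into `parse_list_packets` instead of `SAMPLE`. After setting `s2k-digest-algo SHA256` and changing the passphrase as described above, the secret key packet should report `hash: 8` (SHA256); after setting `cert-digest-algo SHA256` and re-issuing a self-signature, the signature packets on your own key should show `digest algo 8`. Signatures made before the change keep whatever digest they were made with.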


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users