-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Paul Richard Ramer escribió: > On Sun, 21 Mar 2010 00:40:08 -0300 Faramir wrote: >> Another thing to consider, is SHA is not as safe as it used to be, and >> it it becomes easily crackeable, signatures issued using SHA can become >> unsafe. So maybe you'd like to use SHA-256 instead of SHA-128. If I'm > > I believe that you meant SHA-1 and not SHA-128, because there isn't a > hash called SHA-128. Also SHA-1 is a 160 bit hash.
Right, I was referring to SHA-1, and I confused the bit length of SHA-1 with key length of AES. I saw another message, from Robert J. Hansen, saying indeed there is a "SHA-128" unofficial denomination. Maybe I saw "SHA-128" while browsing documents about SHA, and that contributed to my confusion. But anyway, I was referring to the "normal" SHA algorithm. ... >> idea is to replace SHA-1 with SHA-256, it can be useful. (I have a bad >> feeling about telling other people to use that line). > > In addition to what David said, the passphrase mangling uses iterations > of the hash algorithm to slow down a brute force attack on the > passphrase. So for a fictional example, GnuPG will hash the word "dog" > and produce "0123456789". Then it will iterate by taking the output of > the hash algorithm and use it as input to another instance of hashing. > So in this example it would take the output of "0123456789" and hash it > to produce "9876543210". Good, now I know what is "password mangling" about. Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJLqUW+AAoJEMV4f6PvczxA5vMH/2O6iSWqRINIz3mqUG5PXjce CKHyBeBPx5qmjUB7t1ze2q1Ke0+jtH5tPVy3vGbiDjnlMmHjCerzMTkTJnGkQa7F fStgLvzSuVRUdTg5szPzrdXYdG3s4riDDnMSd577EAWEepAn2KH29AE8rwoEWwn6 V6EUsOMI48gqRbdwnSRaYJJkYWcF+GZkY/dc0hspnk3JXCfleh1Qrel5zcGHTRdg Y0yf/86n7pdKc8i7i0y6/0EXzJ5Jv5Tbh40UgEicoI8U6e9qqkQil/oYj0N3OFRC 5TXZdMFnzr/PP2W69fEjBScqotZWHDgaqrt5zo4ZY6GJ5mtAcVlZ6p6Y/SOsoro= =XfT4 -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
