Hi Stefan,
A chosen-prefix collision attack works as follows: an attacker chooses
two message prefixes, and then uses near collisions blocks (in the
SHA-1 is a Shambles paper they needed about 10 such 512-bit blocks) to
align the internal state of the two hashes. Since SHA-1 is a
streaming functi
On 2020-11-17 at 22:18 -0700, Mark wrote:
> Not to ask a stupid question but how can you tell which algorithm your
> keys are using and if using SHA1 update them to a more secure one?
I have a better answer than my previous one, because the very next
mailing-list I read has a post today from the S
On 2020-11-17 at 22:18 -0700, Mark wrote:
> Not to ask a stupid question but how can you tell which algorithm your
> keys are using and if using SHA1 update them to a more secure one?
With GnuPG, `gpg --list-packets` shows a lot of fine detail, but unless
you're familiar with the standards it can
Hi
Thank you for the reply and we have looked into the documentation.
But after debugging a little we found that we are running into this issue only
if we use gpg 2.2.4 version. We tested the same code with gpg 1.4.20 version
and it seems to work fine. I mean we ran the test cases for the code
Am 2020-11-18 um 14:30 schrieb Stefan Claas:
On Tue, Nov 17, 2020 at 11:11 PM Ernst G Giessmann via Gnupg-users
wrote:
The answer to the second question is:
A SHA-1 collision of two documents D1 and D2 means that the hash values
Hash(D1) and Hash(D2) are equal, which in turn means that (regard
On Wed, Nov 18, 2020 at 2:30 PM Stefan Claas
wrote:
>
> On Tue, Nov 17, 2020 at 11:11 PM Ernst G Giessmann via Gnupg-users
> wrote:
> >
> > The answer to the second question is:
> >
> > A SHA-1 collision of two documents D1 and D2 means that the hash values
> > Hash(D1) and Hash(D2) are equal, wh
On Tue, Nov 17, 2020 at 11:11 PM Ernst G Giessmann via Gnupg-users
wrote:
>
> The answer to the second question is:
>
> A SHA-1 collision of two documents D1 and D2 means that the hash values
> Hash(D1) and Hash(D2) are equal, which in turn means that (regardless
> who signs) any signature of D1 (
Thank you for your reply, much appreciated! I will however ask also
Ernst here again the same question one more time again, as an
illustrative example.
Regards
Stefan
On Mon, Nov 2, 2020 at 3:25 PM Phil Pennock via Gnupg-users
wrote:
>
> On 2020-11-02 at 13:49 +0100, Werner Koch via Gnupg-users
