Re: Default hash

2011-03-01 Thread chr0n0
e it has had undeniably more analysis thrown its way. -- View this message in context: http://old.nabble.com/Default-hash-tp31002378p31033879.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnu

Re: Default hash

2011-02-26 Thread Aaron Toponce
On 02/26/2011 04:37 PM, Faramir wrote: > Because its author says you should move to Twofish? Dammit! I meant Twofish, not Blowfish. I knew what I meant, but I didn't type it. -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o

Re: Default hash

2011-02-26 Thread Faramir
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 El 26-02-2011 20:07, Aaron Toponce escribió: ... > Thoughts? > > http://eprint.iacr.org/2010/023.pdf In this section, the attack assumptions are described. ² Correct and faulty ciphertexts calculated from the same plaintext are known. ² One pair of

Re: Default hash

2011-02-26 Thread Faramir
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 El 26-02-2011 19:44, Aaron Toponce escribió: ... > Fortunately for me, this is my personal GnuPG preferences, and not those > of my employer. Blowfish is good crypto, and I still haven't found a > good reason to not using it. AES is the federal stand

Re: Default hash

2011-02-26 Thread Aaron Toponce
On 02/26/2011 02:27 PM, Faramir wrote: > Here he says Twofish has speed comparable with AES, without some > vulnerabilities (but Serpent is considered even more secure). However, > he says if AES fails, you won't be blamed for using it (so is the safest > for your career). If you chose Twofish, a

Re: Default hash

2011-02-26 Thread Aaron Toponce
On 02/26/2011 02:27 PM, Faramir wrote: > Here he says Twofish has speed comparable with AES, without some > vulnerabilities (but Serpent is considered even more secure). However, > he says if AES fails, you won't be blamed for using it (so is the safest > for your career). If you chose Twofish, a

Re: Default hash

2011-02-26 Thread Faramir
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 El 26-02-2011 15:59, Simon Ward escribió: > On Sat, Feb 26, 2011 at 07:49:41AM -0300, Faramir wrote: ... >> There is an interview somewhere (I was looking for it to provide >> citation, but I was unable to find it. I think it used to be in his blog

Re: Default hash

2011-02-26 Thread Simon Ward
On Sat, Feb 26, 2011 at 07:49:41AM -0300, Faramir wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > El 26-02-2011 0:27, Aaron Toponce escribió: > > On 02/25/2011 07:39 PM, Robert J. Hansen wrote: > >> Bruce himself recommends AES over TWOFISH. > > > > [citation needed] > > > > I kno

Re: Default hash

2011-02-26 Thread David Shaw
On Feb 26, 2011, at 9:10 AM, Aaron Toponce wrote: >> 3DES's history is instructive. NIST has declared it "dead in 20 years" >> more often than Netcraft has declared BSD to be dying.[*] At this >> point, I'm unaware of anyone who seriously believes 3DES will be gone in >> 20 years. Most people s

Re: Default hash

2011-02-26 Thread David Shaw
On Feb 25, 2011, at 6:05 PM, Aaron Toponce wrote: > Also, my understanding on how the preferences are chosen by GnuPG is the > following: > > 1. User wishes to encrypt mail to me, so my cipher preferences in my > public key are pulled. > 2. My first preference, Twofish, is used, only if the sende

Re: Default hash

2011-02-26 Thread Aaron Toponce
On 02/25/2011 08:46 PM, Robert J. Hansen wrote: > On 2/25/11 10:27 PM, Aaron Toponce wrote: >> On 02/25/2011 07:39 PM, Robert J. Hansen wrote: >>> Bruce himself recommends AES over TWOFISH. >> >> [citation needed] > > _Practical Cryptography_. Read it. Other people on this list can > provide a p

Re: Default hash

2011-02-26 Thread Faramir
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 El 26-02-2011 0:27, Aaron Toponce escribió: > On 02/25/2011 07:39 PM, Robert J. Hansen wrote: >> Bruce himself recommends AES over TWOFISH. > > [citation needed] > > I know that he's recommended AES-128 over AES-256, but I've not read > where he's

Re: Default hash

2011-02-25 Thread Robert J. Hansen
On 2/26/11 12:41 AM, John Clizbe wrote: > pg 64. Sect 4.5.7 - Which Block Cipher Should I Use? And, I forgot: I have my Kindle with me. _Practical Cryptography_ isn't available on Kindle, but _Cryptography Engineering_ is (also by Schneier). Quoting from 3.5.6, "Which Block Cipher Should I Choos

Re: Default hash

2011-02-25 Thread John Clizbe
Robert J. Hansen wrote: > On 2/25/11 10:27 PM, Aaron Toponce wrote: >> On 02/25/2011 07:39 PM, Robert J. Hansen wrote: >>> Bruce himself recommends AES over TWOFISH. >> >> [citation needed] > > _Practical Cryptography_. Read it. Other people on this list can > provide a page ref: I'm at a funer

Re: Default hash

2011-02-25 Thread Robert J. Hansen
On 2/25/11 10:27 PM, Aaron Toponce wrote: > On 02/25/2011 07:39 PM, Robert J. Hansen wrote: >> Bruce himself recommends AES over TWOFISH. > > [citation needed] _Practical Cryptography_. Read it. Other people on this list can provide a page ref: I'm at a funeral in the middle of nowhere and don'

Re: Default hash

2011-02-25 Thread Aaron Toponce
On 02/25/2011 07:39 PM, Robert J. Hansen wrote: > Bruce himself recommends AES over TWOFISH. [citation needed] I know that he's recommended AES-128 over AES-256, but I've not read where he's recommended AES over TWOFISH. >> I don't trust 3DES > > Why? Bruce himself has said that if speed isn't

Re: Default hash

2011-02-25 Thread Robert J. Hansen
On 2/25/11 6:05 PM, Aaron Toponce wrote: > I chose Twofish as my first 256-bit cipher, as I support Bruce Schneier > and it's shown to be a very robust and capable cipher, both in terms of > speed and memory usage. Bruce himself recommends AES over TWOFISH. > I don't trust 3DES Why? Bruce himse

Re: Default hash

2011-02-25 Thread Aaron Toponce
On 02/25/2011 03:22 PM, Ben McGinnes wrote: > You shouldn't need to worry about changing the preferred order. GPG > will determine the most compatible combination of ciphers and hashes > based on the keys used to encrypt messages. For example, my preferred > symmetric cipher is AES-256, but on a

Re: Default hash

2011-02-25 Thread Ben McGinnes
On 25/02/11 12:48 AM, Aaron Toponce wrote: > > I wanted to avoid breaking from default, which was the main reason > for my post, but it appears that it's not possible if I want to use > the stronger hashes, which is fine. As long as I know the > limitations of my keys, and don't force preferences

Re: Default hash

2011-02-24 Thread Robert J. Hansen
On 2/24/11 4:31 PM, Aaron Toponce wrote: > If I run 'setpref S9 S10 S13 ...' when editing my key, then is adding > all this to the gpg.conf file really necessary? Yes. "setpref" is, IMO, a badly misnamed command. The preferences you attach to your certificate are more like a ranked set of capabi

Re: Default hash

2011-02-24 Thread Aaron Toponce
On Thu, Feb 24, 2011 at 08:37:50PM +1100, Ben McGinnes wrote: > Cipher: AES256, TWOFISH, CAMELLIA256, AES192, CAMELLIA192, AES, > CAMELLIA128, 3DES, CAST5, BLOWFISH, IDEA > Digest: SHA512, SHA384, SHA256, SHA224, RIPEMD160, SHA1, MD5 > Compression: BZIP2, ZLIB, ZIP, Uncompressed > Features: MDC, Ke

Re: Default hash

2011-02-24 Thread Aaron Toponce
On Thu, Feb 24, 2011 at 10:32:11AM -0500, Daniel Kahn Gillmor wrote: > On 02/24/2011 04:03 AM, Doug Barton wrote: > > You're using a 1024 bit DSA key, which won't allow for 256 bit hashes. > > RIPEMD-160 is the largest you can use, and works well for that kind of key. > > This isn't actually the c

Re: Default hash

2011-02-24 Thread Daniel Kahn Gillmor
On 02/24/2011 04:03 AM, Doug Barton wrote: > On 02/23/2011 22:26, Aaron Toponce wrote: >> Given the release of v1.4.10, the SHA256 hashing algorithm is preferred >> over SHA1. Yet, after updating my default preferences with 'setpref' and >> signing some text, SHA1 is still used as the default hashi

Re: Default hash

2011-02-24 Thread Aaron Toponce
On Thu, Feb 24, 2011 at 08:37:50PM +1100, Ben McGinnes wrote: > On 24/02/11 8:03 PM, Doug Barton wrote: > > You're using a 1024 bit DSA key, which won't allow for 256 bit > > hashes. RIPEMD-160 is the largest you can use, and works well for > > that kind of key. Okay. That's understandable. That

Re: Default hash

2011-02-24 Thread Robert J. Hansen
> Given the release of v1.4.10, the SHA256 hashing algorithm is preferred > over SHA1. Yet, after updating my default preferences with 'setpref' and > signing some text, SHA1 is still used as the default hashing algorithm. > Is there something else I need to do to ensure that I'm using SHA256 by >

Re: Default hash

2011-02-24 Thread Ben McGinnes
On 24/02/11 8:03 PM, Doug Barton wrote: > On 02/23/2011 22:26, Aaron Toponce wrote: >> >> Given the release of v1.4.10, the SHA256 hashing algorithm is >> preferred over SHA1. Yet, after updating my default preferences >> with 'setpref' and signing some text, SHA1 is still used as the >> default ha

Re: Default hash

2011-02-24 Thread Doug Barton
On 02/23/2011 22:26, Aaron Toponce wrote: Given the release of v1.4.10, the SHA256 hashing algorithm is preferred over SHA1. Yet, after updating my default preferences with 'setpref' and signing some text, SHA1 is still used as the default hashing algorithm. Is there something else I need to do t

Default hash

2011-02-24 Thread Aaron Toponce
Given the release of v1.4.10, the SHA256 hashing algorithm is preferred over SHA1. Yet, after updating my default preferences with 'setpref' and signing some text, SHA1 is still used as the default hashing algorithm. Is there something else I need to do to ensure that I'm using SHA256 by default fo