On Tue, 3 Jun 2003 [EMAIL PROTECTED] wrote:

<SNIP>

> So, could someone please tell me:
>
> (1) What is the justification for using these "new" algorithms instead of
> the old ones? (A cynic might suggest that, since the "powers that be"
> couldn't break the old algorithms, they encouraged the use of new ones that
> they could. This probably isn't true, but I'm sure you can understand why
> someone might think that).
MD5 -> SHA-1: limited hash size (128 bits vs. 160) plus collisions in the
compression function, thanks to Dobbertin.

RSA -> DH/DSS: back in the day RSA was patented and DH/DSS was free. Also, I
recall that RSA wasn't a NIST-approved algorithm when DSS was released.
Splitting the signature and encryption keys was also good practice, and if
you're going to break backwards compatibility then there's not a great
argument for sticking with RSA.

IDEA -> CAST5: IDEA is patented, CAST5 isn't.

Note that 3DES is the only MUST algorithm in the RFC. Banks/governments etc.
seem to like the combination of 3DES/SHA-1 (see e.g. FIPS 140).

> (2) What actually _IS_ DH/DSS? (I don't mean what do the initials stand
> for, I mean what actually is the algorithm?). I ask because I can understand
> RSA, and implement it myself relatively straightforwardly, but I have not
> been able to find an explanation, simple or otherwise, of what the DH/DSS
> algorithm actually is, or of why it's hard to break.
>
> (3) Ditto CAST and SHA-1.

My dated but still relevant PGP FAQ answers these questions and more:
http://www.samsimpson.com/pgpfaq.html

Hope this helps,

Sam

Regards,

Sam Simpson
------------------------------------------------------------------------------
Mail: [EMAIL PROTECTED]   Web: http://www.samsimpson.com/
Mobile: +44 (0) 7866 726060   ICQ: 10385495
"When it comes to humility, I'm the greatest" -- Bullwinkle Moose
------------------------------------------------------------------------------
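An added worked example, not part of Sam Simpson's message or of the FAQ he links: a textbook implementation in Python of the DSS signature algorithm (DSA) and of a Diffie-Hellman key agreement in the same (p, q, g) group, with a separate signing key and key-agreement key as the message recommends. The sizes (512-bit p, 160-bit q, SHA-1), the function names and the sample messages are assumptions chosen for illustration and speed; the arithmetic is the standard DSA/DH arithmetic. The last function shows the caveat every DSA user needs: if the per-signature nonce k is ever reused, two signatures give away the private key.

```python
# Added example (not from the original message): textbook DSA + DH in one
# (p, q, g) group. Parameter sizes are assumptions for fast illustration.
import hashlib
import secrets


def is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test (trial division first for speed)."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_params(p_bits=512, q_bits=160):
    """Domain parameters (p, q, g): q prime, q | p-1, g generates the order-q subgroup."""
    while True:
        q = secrets.randbits(q_bits) | (1 << (q_bits - 1)) | 1
        if is_probable_prime(q):
            break
    while True:  # p = k*q + 1 with k even so that p is odd
        k = (secrets.randbits(p_bits - q_bits) | (1 << (p_bits - q_bits - 1))) & ~1
        p = k * q + 1
        if is_probable_prime(p):
            break
    h = 2
    while True:  # any h^((p-1)/q) != 1 has order exactly q because q is prime
        g = pow(h, (p - 1) // q, p)
        if g != 1:
            return p, q, g
        h += 1


def keygen(params):
    """Private x in [1, q-1], public y = g^x mod p. Use one pair per purpose."""
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)


def _hash_int(msg):
    return int.from_bytes(hashlib.sha1(msg).digest(), "big")


def dsa_sign(params, x, msg, k=None):
    """Return (r, s). k is the per-message secret nonce: fresh and secret, always."""
    p, q, g = params
    hm = _hash_int(msg)
    while True:
        kk = k if k is not None else secrets.randbelow(q - 1) + 1
        r = pow(g, kk, p) % q
        s = (pow(kk, -1, q) * (hm + x * r)) % q
        if r != 0 and s != 0:
            return r, s
        if k is not None:
            raise ValueError("supplied k yields a degenerate signature")


def dsa_verify(params, y, msg, sig):
    p, q, g = params
    r, s = sig
    if not (0 < r < q and 0 < s < q):  # range check before inverting s
        return False
    w = pow(s, -1, q)
    u1, u2 = (_hash_int(msg) * w) % q, (r * w) % q
    return (pow(g, u1, p) * pow(y, u2, p) % p) % q == r


def dh_agree(params):
    """Diffie-Hellman in the same group; returns both sides' derived secrets."""
    p, q, g = params
    a, b = secrets.randbelow(q - 1) + 1, secrets.randbelow(q - 1) + 1
    A, B = pow(g, a, p), pow(g, b, p)  # the values actually sent over the wire
    return pow(B, a, p), pow(A, b, p)


def recover_x_from_nonce_reuse(params, msg1, sig1, msg2, sig2):
    """Two signatures sharing k: k = (h1-h2)/(s1-s2), then x = (s1*k - h1)/r."""
    _, q, _ = params
    (r, s1), (_, s2) = sig1, sig2
    h1, h2 = _hash_int(msg1), _hash_int(msg2)
    k = ((h1 - h2) * pow(s1 - s2, -1, q)) % q
    return ((s1 * k - h1) * pow(r, -1, q)) % q


if __name__ == "__main__":
    params = generate_params()
    x_sign, y_sign = keygen(params)  # signing key, kept separate from DH use
    msg = b"constructed sample message"
    sig = dsa_sign(params, x_sign, msg)
    print("valid:", dsa_verify(params, y_sign, msg, sig))
    print("tampered:", dsa_verify(params, y_sign, msg + b"!", sig))
    sa, sb = dh_agree(params)
    print("dh agree:", sa == sb)
```

Signing and verification both reduce through the order-q subgroup, so forging a signature or recovering x from y means solving a discrete logarithm in that subgroup; that, not the hash, is what the message's "hard to break" rests on. Note that `recover_x_from_nonce_reuse` needs no such work: a repeated k turns the scheme into two linear equations in two unknowns, which is why PGP-era implementations draw k from a fresh random source for every signature.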