Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
> i have to revoke some of my criticism towards Debian's signed
> hash value lists.
> Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of
> uniqueness (assumed that they have no systematic correlations).

This is irrelevant. For brute-force attacks, even MD5's 128 bits are still
enough. Even with future-proofing against computing speedups and a
reasonable amount of theoretical short-cuts, SHA256 is still plenty enough
all by itself. Beyond that, speculating on unknown attacks is always
useless. And of course, all the hype nowadays is about quantum-resistant

> I could imagine that PGP is easier to surpass than that.

It is not a matter of surpassing anything. Cryptographic signatures protect
against all the same attacks as hashes, plus a whole bunch of new attacks.


  Nicolas George

Attachment: signature.asc
Description: Digital signature

Reply via email to