Hello

> The problem is that strong algorithms *become* weak without advance warning.
> Therefore, it is necessary to take measures to reduce the fragility of the
> overall system.
Due to the thermodynamic barrier, minor weaknesses in SHA-2 and SHA-3 do not matter, given the sheer length of the hash. And you are not protecting at all against major weaknesses in the hash algorithm, and you are not even considering possible weaknesses in other protocol elements.

The solution to protect against any weakness in one hash algorithm is much simpler and much less susceptible to undetected security problems than your proposal: in place of using one hash algorithm, simply use the concatenation of different hash algorithms based on different mathematical problems. Use as many as you like: the result is proven to be at least as strong as the strongest of the algorithms involved.

Kind regards

-- 
Rainer Perske
Systemdienste + Leiter der Zertifizierungsstelle (UCAM)

-- 
Universität Münster
CIT - Center for Information Technology
Rainer Perske, Systemdienste
Röntgenstraße 7-13, Raum 006
48149 Münster
Tel.: +49 251 83-31582
E-Mail: rainer.per...@uni-muenster.de
Website: www.uni-muenster.de/IT

Universitätszertifizierungsstelle Münster (UCAM):
Tel.: +49 251 83-31590
E-Mail: c...@uni-muenster.de
WWW: www.uni-muenster.de/CA

YouTube: youtube.com/@uni_muenster
Instagram: instagram.com/uni_muenster
LinkedIn: linkedin.com/school/university-of-muenster
Facebook: facebook.com/unimuenster
_______________________________________________ Gnupg-devel mailing list Gnupg-devel@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-devel
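The concatenation combiner Perske describes (H1(m) || H2(m) over the same message, with components of different internal design) is shown below as an added, stand-alone example; it is not code from the original post or from GnuPG. It pairs SHA-256 (Merkle-Damgård) with SHA3-256 (Keccak sponge) using Python's hashlib, and the serialized `name=hex;name=hex` digest format is an assumption made here so that a verifier knows which components it must recompute. The practitioner point the code makes explicit: a verifier that checks only one component, or accepts a digest with a component missing, has silently reduced the combiner to that single hash, so `verify` rejects anything short of a full match on every required component. (Collision and preimage resistance of the concatenation are at least those of the strongest component; by Joux's multicollision result for iterated hashes they are not substantially more, which is why the argument is about robustness, not extra margin.)

```python
import hashlib
import hmac

# Component algorithms of different internal design. Names are hashlib's own.
ALGORITHMS = ("sha256", "sha3_256")


def combined_digest(data: bytes, algorithms=ALGORITHMS) -> bytes:
    """Concatenation combiner: H1(m) || H2(m) || ... over the same message."""
    return b"".join(hashlib.new(name, data).digest() for name in algorithms)


def serialize(data: bytes, algorithms=ALGORITHMS) -> str:
    """Self-describing digest so a verifier knows which components to recompute.
    Format (assumed for this example): 'sha256=<hex>;sha3_256=<hex>'."""
    return ";".join(f"{name}={hashlib.new(name, data).hexdigest()}" for name in algorithms)


def parse(serialized: str) -> dict:
    """Split the serialized digest into {name: raw_bytes}; reject malformed input."""
    parts = {}
    for item in serialized.split(";"):
        name, _, hexdigest = item.partition("=")
        if not name or not hexdigest:
            raise ValueError(f"malformed component: {item!r}")
        if name in parts:
            raise ValueError(f"duplicate component: {name}")
        parts[name] = bytes.fromhex(hexdigest)  # ValueError on non-hex input
    return parts


def verify(data: bytes, serialized: str, required=ALGORITHMS) -> bool:
    """Accept only if every required component is present and matches.

    Missing, extra or unknown components are rejected outright: accepting a
    digest with one component absent would let an attacker who can break the
    remaining algorithm bypass the combiner entirely.
    """
    try:
        parts = parse(serialized)
    except ValueError:
        return False
    if set(parts) != set(required):
        return False
    ok = True
    for name in required:
        expected = hashlib.new(name, data).digest()
        # Constant-time compare; keep checking all components rather than
        # short-circuiting on the first mismatch.
        if not hmac.compare_digest(expected, parts[name]):
            ok = False
    return ok


if __name__ == "__main__":
    msg = b"constructed sample message"  # constructed input, not real data
    print(serialize(msg))
    print("verify ok:", verify(msg, serialize(msg)))
```

Usage: `serialize(msg)` produces the digest string to store or transmit, and `verify(msg, digest)` recomputes every component; dropping or substituting either component makes verification fail, as does any change to the message.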