On Jan 4, 2013, at 4:37 PM, Stephen Paul Weber <[email protected]> wrote:
> The manpage for gpg sez: > >> Secret keys are integrity protected by using a SHA-1 checksum. This >> method is part of the upcoming enhanced OpenPGP specification but GnuPG >> already uses it as a countermeasure against certain attacks. Old >> applications don't under‐ stand this new format, so this >> option may be used to switch back to the old behaviour. Using this option >> bears a security risk. > > Does anyone know what the actual security risk is? Using a weaker checksum > obviously makes it easier to forge data, but in this case the data being > forged is just the secret parts of a secret key. What are the attack vectors > there? http://eprint.iacr.org/2002/076.pdf David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
