Silly me, I meant to write SHA-256 (I was reading the AES-attack article that time).
Thanks for pointing that out!

On Mon, Jul 13, 2009 at 11:13 PM, Pablo Manalastas <[email protected]> wrote:
>
> My GPG 1.4.9 supports the following algorithms:
>
> Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
> Cipher: 3DES (S2), CAST5 (S3), BLOWFISH (S4), AES (S7), AES192 (S8),
> AES256 (S9), TWOFISH (S10)
> Hash: MD5 (H1), SHA1 (H2), RIPEMD160 (H3), SHA256 (H8), SHA384 (H9),
> SHA512 (H10), SHA224 (H11)
> Compression: Uncompressed (Z0), ZIP (Z1), ZLIB (Z2), BZIP2 (Z3)
>
> So GPG uses AES256 only for encryption/decryption, and not for computing
> hashes. I think SHA256 should work just fine.
>
> //PManalastas
>
>
> --- On Tue, 7/14/09, Ariz Jacinto <[email protected]> wrote:
>
>> From: Ariz Jacinto <[email protected]>
>
>> Hi Pablo,
>>
>> There's a problem with that suggestion since MD5[1] and
>> SHA1[2] are
>> both vulnerable to hash collisions[3]. Try AES-256 :-D
>>
>> [1] http://www.mscs.dal.ca/~selinger/md5collision/
>> [2] http://csrc.nist.gov/groups/ST/hash/statement.html
>> [3] http://en.wikipedia.org/wiki/Collision_%28computer_science%29
>> [4] http://www.schneier.com/blog/archives/2009/07/new_attack_on_a.html
>>
>>
>>
>> 2009/7/13 Pablo Manalastas <[email protected]>:
>> > ....We can suggest to Comelec to compute SHA1 or MD5
>> checksums of the approved programs, and at election time,
>> the checksums can be recomputed (manually) and if the
>> original checksum and new checksum agree, then there is no
>> substitution.
> _________________________________________________
> Philippine Linux Users' Group (PLUG) Mailing List
> http://lists.linux.org.ph/mailman/listinfo/plug
> Searchable Archives: http://archives.free.net.ph
> _________________________________________________
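The procedure discussed in the thread (record a SHA-256 checksum of each approved program, recompute at election time, compare), as an added example that is not code from anyone on the list; the program names and contents are constructed, and the sha256sum-style manifest layout is my assumption:

```python
import hashlib
import hmac
import os
import tempfile

def sha256_file(path, chunk_size=65536):
    """Stream a file through SHA-256 so large program binaries need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(paths):
    """Reference checksums taken at approval time, one '<hex>  <name>' line per file."""
    return "".join(f"{sha256_file(p)}  {os.path.basename(p)}\n" for p in sorted(paths))

def verify_manifest(manifest_text, directory):
    """Recompute every checksum; returns name -> 'ok' | 'MISMATCH' | 'MISSING'."""
    results = {}
    for line in manifest_text.splitlines():
        expected, name = line.split("  ", 1)
        path = os.path.join(directory, name)
        if not os.path.exists(path):
            results[name] = "MISSING"
            continue
        actual = sha256_file(path)
        # compare_digest is the idiomatic constant-time comparison for digests
        results[name] = "ok" if hmac.compare_digest(actual, expected) else "MISMATCH"
    return results

def demo():
    """Constructed scenario: two approved programs, then one is swapped out."""
    with tempfile.TemporaryDirectory() as d:
        programs = {"counter.bin": b"approved counting program v1",
                    "tally.bin": b"approved tally program v1"}
        for name, data in programs.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        # Manifest is produced when the programs are approved and kept separately
        manifest = build_manifest([os.path.join(d, n) for n in programs])
        # Later: counter.bin has been replaced by a different binary
        with open(os.path.join(d, "counter.bin"), "wb") as f:
            f.write(b"substituted counting program")
        return verify_manifest(manifest, d)

if __name__ == "__main__":
    print(demo())
```

The check only detects substitution if the manifest itself is kept out of reach of whoever could swap the programs, for instance by publishing it or signing it with GPG as the thread suggests.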

