[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: how close is OpenPGP tied to SHA1
On Mon, Feb 2, 2009 at 8:04 PM, Jon Callas <jon@xxxxxxxxxx> wrote:
>> The first question would be: Are SHA2 algorithms really more secure
>> than SHA1?
Does it protect against the attacks recently found in SHA1?
Or is it "just" better, because the larger hash size?
>> If so one could think to switch for example to SHA512.
> You could. This is what most people are doing.
Ok,.. but you cannot fully leave SHA1,.. you can only switch you
signature hash algorithm, as far as I know.
>> Or even wait for SHA3.
> This is likely the best answer.
Does anyone know the state on SHA3?