[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [openpgp] New fingerprint: which hash algo (was: to v5 or not to v5)
On Mon, 21 Sep 2015 11:13, simon@xxxxxxxxxxxxx said:
> Regarding which hash to use, SHA-256 is probably the simplest choice
> From a practicallity and consensus point of view. Are there any strong
> reasons to favor something else?
I see also several reasons to favor SHA-256:
- SHA-2 has shown no weaknesses during the SHA-3 competition.
- SHA-256 is the commonly used hash algorithm for OpenPGP messages and
keys and thus available in all code bases.
- Although not an issue for fingerprints, SHA-3 is slower than SHA-2.
- On embedded systems SHA-512 has a substantially performance penalty
Given that modern ECC requires a larger than 256 bit hash, I am not sure
whether the next point is valid:
- If we would go for a newer hash algorithm, all implementations would
need to support SHA-256 (and SHA-1) anyway to support existing keys
and allow verification of existing signatures. Also decryption of
symmetrically encrypted messages may require SHA-256 for the S2K.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
openpgp mailing list