Preparing To Migrate Off of SHA-1 In OpenPGP

jamie found a note on debian-administration.org, the first in a promised series on migrating off of SHA-1 in OpenPGP. "Last week at eurocrypt, a small group of researchers announced a fairly serious attack against the SHA-1 digest algorithm, which is used in many cryptosystems, including OpenPGP. The general consensus is that we should be 'moving in an orderly fashion toward the theater exits,' deprecating SHA-1 where possible with an eye toward abandoning it soon (one point of reference: US govt. federal agencies have been directed to cease all reliance on SHA-1 by the end of 2010, and this directive was issued before the latest results). ... So what can you do to help facilitate the move away from SHA-1? I'll outline three steps that current gpg users can do today, and then I'll walk through how to do each one..."

He's Got a Knife!

[eldavojohn]

'moving in an orderly fashion toward the theater exits'

An elderly application was trampled to death today as everyone struggled to exit the Sha One theater after someone screamed that an unknown assailant had a knife. After the panic, there was no evidence of injuries from the alleged attack and police are still investigating the presence of an actual weapon.

Re:First MD5 and now this

[piripiri]

Is there any hash function that actually is secure?

Of course the good ol' rot13 !

Re:First MD5 and now this

[eldavojohn]

Is there any hash function that actually is secure?

Of course the good ol' rot13 !

Not secure enough, better apply it twice for double protection.

You can tell the men from the boys by how many times they do things. Like when I restart my computer, I do it three times to make sure it will work when the things start back up inside it.

Re:First MD5 and now this

[sadness203]

Pffff, doing it 2-3 times is for amateur.

I personally use a special rrot13. Or if you prefer, Reverse Rot13.

It's so advanced, they are still trying to break it at NSA.

Aww man, I just upgraded to SHA-1

[Anonymous Coward]

I guess I'll just go back to good old MD5.

Well that's unfortunate

[Morphine007]

Guess the Aussies overpaid, since their $560k "unbreakable" cryptosystem relies on SHA-1 [slashdot.org]. Shock of shocks, I know...

Re:better packaging for debian

[Anonymous Coward]

One specific thing that would really help would be if debian would make it a priority to do a complete job of packaging the relevant hash functions, along with bindings for popular languages.

However, as this is Debian they are more likely to "disable" SHA-1 by making it emit the plaintext.

Re:2^52

[goombah99]

but if my math is correct

Actually it's wildly wrong;

2^57 is way bigger than 144
2^52 is also much bigger than four 4

2^52 / 2^57 = 0,03125 = 3,125%
^none of those are equal

you must be REALLY stupid

I've read that there are places where the people there are so uneducated they often get their commas and periods mixed up. Probably some silly problem with typwriter keys or something I guess. Anyhow how could you expect those backward people who don't even know the right symbol for a decimal point to be able to do math.

Sheesh! good thing you pointed out that bad math to the poor slob. I bet he's feeling pretty stupid right now.