Re: SHA-1 distributed collision search
- From: vedaal <vedaal@xxxxxxxxx>
- Date: Wed, 29 Aug 2007 13:34:10 -0000
On Aug 29, 4:13 am, Francois Grieu <fgr...@xxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
there reportedly is an ongoing distributed computing effort
aimed at finding a SHA-1 collision,
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
am curious about your pgp key,
it appears to have been generated recently (11/july/2007),
and is an unusual size (1984) to choose for current key use,
(even for pgp 2.x)
the signature verifies,
and it might be a good idea to cut down on the spamming here,
if people used pgp signing with a key they generated just for this
group,
but if you wanted to do that, 1024 would be just as good,
and if not, 2048 would take only slightly longer to generate
caveats:
-signature should be verified from the 'original' post, not the html
newsreader view,
-avoid any e-mail addresses in the plaintext, as these are sometimes
deleted/altered by some newsreaders/posters (e.g. google)
- don't use dashes, like in the front of this line ;-)
pgp clearsigning will change the line by putting a '-' and blank space
in front of the beginning dash
(it will still verify, but might make it annoying if someone were
posting a public key,
or pgp message as part of the cleartext)
vedaal
.
- Follow-Ups:
- Re: SHA-1 distributed collision search
- From: Francois Grieu
- Re: SHA-1 distributed collision search
- References:
- SHA-1 distributed collision search
- From: Francois Grieu
- SHA-1 distributed collision search
- Prev by Date: Re: HMAC and timing
- Next by Date: Mobile phone software to encrypt SMS ?
- Previous by thread: SHA-1 distributed collision search
- Next by thread: Re: SHA-1 distributed collision search
- Index(es):
Relevant Pages
|
|
