1996-06-01 - Re: Ok, what about PGP (was: MD5 collisions)

Header Data

From: “Mark M.” <markm@voicenet.com>
To: Chris Adams <adamsc@io-online.com>
Message Hash: 7a0dca56eb90308be015aedfe028d5670879e829db41e0ba847b190de7d808a7
Message ID: <Pine.LNX.3.93.960601133031.291A-100000@gak>
Reply To: <199606010433.VAA21006@toad.com>
UTC Datetime: 1996-06-01 20:59:16 UTC
Raw Date: Sun, 2 Jun 1996 04:59:16 +0800

Raw message

From: "Mark M." <markm@voicenet.com>
Date: Sun, 2 Jun 1996 04:59:16 +0800
To: Chris Adams <adamsc@io-online.com>
Subject: Re: Ok, what about PGP (was: MD5 collisions)
In-Reply-To: <199606010433.VAA21006@toad.com>
Message-ID: <Pine.LNX.3.93.960601133031.291A-100000@gak>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 30 May 1996, Chris Adams wrote:

> On 29 May 1996 19:03:04 pdt, wlkngowl@unix.asb.com wrote:
> 
> >I poked around the pgp.h and pgformat.txt files in the PGP 2.6.2
> >distribution.  There *are* designator bytes for the hash (and cipher)
> >algorithms, hash size, etc.
> >
> >It seems quite doable to add support for SHA-1 signatures (and possibly key
> >generation for encrypting secret keys?).
> >
> >Adding 3DES (and maybe Luby-Rackoff-SHA, assuming it hasn't been cracked
> >recently at the Fast Software Conf.... more info?!?) would be nifty too...
> >unless, of course, there's meaning to the Real Soon Now that PGP3 folx
> >claim.
> 
> How about a NSA-stomper option that would use all-of-the-above? For the truly
> paranoid (or 
> owners of Pentium-Pro 200Mhz multi-processor machines

Using 3DES and SHA does not decrease speed that much (it may even be faster).
Both of them are very secure algorithms.

> 
> Also, what's the verdict on IDEA? Is there a switch yet that would allow straight RSA? 
> (with the obvious speed decrease...)

Why would you want to use straight RSA?  IDEA is as strong as a 3000-bit RSA
modulus.  So far, the only known way to crack IDEA is to brute-force the key
space.  RSA relies on the fact that it is assumed to be difficult to factor
large numbers.  If an efficient way is discovered to factor very large moduli,
then RSA is basically worthless.

- -- Mark

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
markm@voicenet.com              | finger -l for PGP key 0xe3bf2169
http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348
"In Christianity neither morality nor religion come into contact with
reality at any point."
                -- Friedrich Nietzsche


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMbB/n7Zc+sv5siulAQHJuQP/dxToToctPbfjBQE7j1sjO214kVK9TtLX
9mwRuoDppxVhMPATr3k7tdlw+COFPOQZgf0bog+RpCW+iTjlmug6tr56rkTRdUod
AJ0mR11MfQ6yNasPz81WxQracdc48ZXBFEaZYBKFCZRVAoK434dVM3slBtNVCvOn
znHMlt+W9yU=
=fvbq
-----END PGP SIGNATURE-----





Thread