From: wlkngowl@unix.asb.com (Mutatis Mutantdis)
Date: Thu, 30 May 1996 09:20:32 +0800
To: cypherpunks@toad.com
Subject: Re: Ok, what about PGP (was: MD5 collisions)
Message-ID: <199605292005.QAA27595@unix.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


I poked around the pgp.h and pgformat.txt files in the PGP 2.6.2
distribution.  There *are* designator bytes for the hash (and cipher)
algorithms, hash size, etc.

It seems quite doable to add support for SHA-1 signatures (and possibly key
generation for encrypting secret keys?).

Adding 3DES (and maybe Luby-Rackoff-SHA, assuming it hasn't been cracked
recently at the Fast Software Conf.... more info?!?) would be nifty too...
unless, of course, there's meaning to the Real Soon Now that PGP3 folx
claim.

I
d work on the hack now (and just might...) but I'm stuck stranded in the
United States. :(


Rob.