-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, the recent breakthrough appears to apply to all the MDx based hash algorithms. while TIGER is not, i am told, it does not mean that it is more secure, as it has not been subject to same scrutiny as the MDx based hashes. i believe that less is better, however, diversity is a good thing, especially when the algorithms are un-related. After all, this is the reason why there are numerous algorithms in a crypto suite. i am no expert of course, but it would be a cautious thing to trim down the algorithms of similar ones for the sake to complexity, and augment them with dissimilar ones for the sake of hedging one's bet. given the above a case for re-instating TIGER in openpgp could be made. hth best regards Imad R. Faiad > > From: <vedaal@xxxxxxxx> > Date: 2004/08/18 Wed PM 04:54:42 EAT > To: ietf-openpgp@xxxxxxx > Subject: re-consideration of TIGER > > >now that sha-0 has been broken, >and sha-1 is actively being looked at for a possible >extension of the >attack, > >and MD5, HAVAL, and RIPEMD are also being attacked >http://eprint.iacr.org/2004/199.pdf) > > >would it be reasonable to re-accept the non-sha based >hashes, (e.g. TIGER) >as a potential backup hash for implementations/users >that may wish to >begin doing so? > > >vedaal -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFBI4HfyaCxfwAfoa0RArsFAKDluxCYvOajIuzKysqQ077RoRZ6vwCaA3TY 1IUieQzgGKZIca5hjkKrXFU= =fjCn -----END PGP SIGNATURE-----
Attachment:
replyAll
Description: null