On quintidi 5 Ventôse, year CCXXIV, Thomas Schmitt wrote:
> I have to revoke some of my criticism towards Debian's signed
> hash value lists.
> Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of
> uniqueness (assumed that they have no systematic correlations).

This is irrelevant. For brute-force attacks, even MD5's 128 bits are still enough. Even with future-proofing against computing speedups and a reasonable amount of theoretical short-cuts, SHA256 is still plenty enough all by itself. Beyond that, speculating on unknown attacks is always useless.

And of course, all the hype nowadays is about quantum-resistant algorithms.

> I could imagine that PGP is easier to surpass than that.

It is not a matter of surpassing anything. Cryptographic signatures protect against all the same attacks as hashes, plus a whole bunch of new attacks.

Regards,

-- 
Nicolas George