LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   OpenPGP - MDC Packet - SHA1 (https://www.linuxquestions.org/questions/linux-security-4/openpgp-mdc-packet-sha1-798703/)

tomehb 03-29-2010 01:47 PM
OpenPGP - MDC Packet - SHA1
 
OpenPGP Standard RFC 4880, not really a Linux Question, but as may be using GnuPG on Linux I thought I would ask here:)

The Modification Detection Code Packet is defined to use SHA-1, even though it does state in section 13.11. that this can be altered, and gives example methods. However this would cause interoperability, (q1)so I assume there is no standard method of doing this??

(q2)How much of a threat do you believe this to be? Even though the SHA-1 hash is encrypted within the symmetrically encrypted integrity protected data packet.


Cheers

Thomas

tomehb 03-29-2010 07:19 PM
Found some good Sources of Info, any other input will be good though :)

http://www.imc.org/ietf-openpgp/mail.../msg33235.html

http://www.aigarius.com/blog/2009/05...-1-in-openpgp/


All times are GMT -5. The time now is 03:51 PM.