Saturday, February 19, 2005
PGP Algorithm Migration. According to Callas, "We've been planning for just this sort of event for some time." All PGP products are architected to allow for rapid and non-disruptive migration of all encryption, hash, compression, and signature algorithms. PGP Corporation began planning the migration to more secure hash algorithms after MD5 was compromised last year. Callas addressed the company's design philosophy in a September 2004 CTO Corner article entitled "Much ado about hash functions." At the same time, PGP engineers began implementing a shift from SHA-1 to the stronger algorithms (SHA-256 and SHA-512) while preserving interoperability with existing software. [PGP Corporation]
I may be wrong here, but it seems to me that simply increasing the number of bits in an algorithm that's already been proven vulnerable isn't the best idea. Are there no strong algorithms available that aren't derived from MD4?
7:02:14 PM
© Copyright 2006 Ken Hagler. Last update: 2/15/2006; 2:04:39 PM.