GPG and SHA1

C de-Avillez hggdh2 at
Sat May 9 02:58:31 UTC 2009


With the current trend in Debian to move out of DSA into RSA [1], and
considering the theoretical (and probably correct) attack just presented
[2], what are we planning to do? 

I am curious about the potential impacts -- compatibility, cost (both
CPU-wise and conversion-wise), and proposed Ubuntu standard. Notice that
this might as well involve a change to the gpg defaults, key generation
utilities (seahorse, and equivalents), etc. In other words, it can have
a high impact both for our internal usage (maintainer keys) as for the

I am not advocating either way: 2^52 is still a large value (and, as
such, still costly to attack); but it is safe to state that the time to
move out of SHA1 is coming sooner than later, and we might get it done
right if we start thinking about it now.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the Ubuntu-devel-discuss mailing list