Casper wrote:
> PGP whole disk encryption uses SHA1 for ha****ng, which
> seems to be a broken or half broken algorythm, depending
> who you ask.
>
> Anyone knows if the fact that PGP whole disk encryption
> uses SHA1 for ha****ng (AES for encryption) makes it
> much more vulnerable to attack?
>
Very late reply, but if PGP whole disk encryption just uses SHA-1 for
key derivation from the given password, then the application is still
pretty safe. Heck, they could have used MD5 and still be save.
In new applications it is very advisable to go for new hash algos, for
older applications it should be evaluated. For key derivation and some
other functions, the hash used is of less consequence.
Regards,
Maarten
|
