SHA224 Question

David Shaw dshaw at jabberwocky.com
Tue May 16 15:54:21 CEST 2006


On Thu, Apr 20, 2006 at 11:10:12AM -0400, John W. Moore III wrote:
> With the inclusion of SHA224 beginning with svn-4117 I have been
> unsuccessful in finding any documentation regarding this hash in the
> release.  I am assuming that it is *not* backward compatible with any
> pre-existing Key and am wondering if Keys generated with 4117 will
> support SHA224.

It is backwards compatible as any hash is - you can certainly use it,
but if your recipient can't handle it, they can't verify the
signature.

> Also, what type of Key is SHA224 designed for use with?  I am assuming
> it has to do with the 'new' DSA Keys; but I am often wrong when I assume.

Yes, it's mainly a DSA2 thing.  DSA2 finally allows for DSA keys
larger than 1024 bits, and isn't locked at a 160-bit hash.

SHA-224 is an unusual beast.  It's a chopped-down variant of SHA-256,
so it's weaker than SHA-256, but takes the same amount of CPU to
process.  It's in the OpenPGP standard (and GnuPG) basically because
it's in the DSA2 standard.

> Please NOTE:  I am *not* a Member of this mailing list and therefore
> will not be able to read any Reply posted here.  If this list isn't
> 'Closed' I would appreciate a link for registration.

http://lists.gnupg.org/mailman/listinfo/gnupg-devel

David


