GnuPG and PGP are not algorithms, they are encryption systems that incorporate a variety of algorithms into their function. Both use MD5 and SHA-1. I'm not sure about PGP, but GnuPG allows you to select Tiger or RipeMD160 as your hash options instead of MD5 or SHA-1. One more note that I should have put in the article, the HMAC construct is NOT threatened by these attacks. If you're using SHA-1, or even MD5 in an HMAC, you are NOT vulnerable.
Learn about Linux
Download Linux
Get Linux help
Re:what about GnuPG & PGP
Posted by: chosner on November 04, 2005 04:30 AMCharlie
#