Setting GPG to SHA512?

Post by slitscan » Sun Feb 20, 2005 10:43 pm

I want to have gpg use sha512 instead of sha1.

I'm running v1.4.0 and gpg --version returns

Code:

Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512

so sha512 is supported.

I read the man page and it says I can just type --digest-algo sha512, but it doesn't work for me.

Code:

gpg --digest-algo sha512
gpg: Go ahead and type your message ...

How can I fix it?
Post by Genone » Mon Feb 21, 2005 12:11 am

Maybe you should start with what you want to do in the first place, gpg can do a lot of stuff. Also what you posted isn't an error message, so there is nothing to "fix" so far.
Post by slitscan » Mon Feb 21, 2005 3:54 pm

I want gpg to use sha512 to make hashes, instead of sha1.
Post by j-m » Mon Feb 21, 2005 3:57 pm

slitscan wrote: I want gpg to use sha512 to make hashes, instead of sha1.

Umh, so do it! Where is your problem? I cannot see any error anywhere...
Post by bombcar » Mon Feb 21, 2005 9:20 pm

I think he wants GPG to use SHA512 as a default. But you have to configure this in the program that is calling GPG, not in GPG itself, unless you recompile and disable SHA1, but that might break things.

Same Problem, but real Error

Post by bogusfart » Mon Feb 21, 2005 11:44 pm

The version of GPG I'm using gives the following output with --version:

Code:

gpg (GnuPG) 1.2.6
[other stuff...]

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512
Compression: Uncompressed, ZIP, ZLIB, BZIP2

But I get this error when I put --digest-algo SHA512 in my gnu.conf file.

Code:

gpg: /home/[username]/.gnupg/gpg.conf:212: invalid option

Of course, line 212 is the line that I have --digest-algo SHA512 on :)

Running gpg --digest-algo SHA256 --gen-key returns:

Code:

gpg: digest algorithm `SHA256' is read-only in this release
gpg: selected digest algorithm is invalid

So I guess that means I can verify signatures using SHA256 but cannot use it to make signatures myself?

Do I need to change a use-flag and re-install or upgrade to "testing" 1.4.0-r1 or 1.4.0-r2? That's what slitscan is using and there doesn't appear to be any real error message, like Genone and j-m were saying.

I'm guessing that 1.4.0-r2 would be better and more stable than 1.4.0-r1? Please advise. TIA.

New Problem

Post by bogusfart » Tue Feb 22, 2005 1:38 am

So I installed gpg-1.4.0-r2. I am able to attempt to use SHA256 to generate a signature, but now I get this message:

Code:

gpg: DSA requires the use of a 160 bit hash algorithm
gpg: [stdin]: clearsign failed: general error

I'm using a 1024 bit DES/2048 bit Elgamal key (or key pair?). What do I have to do to get SHA256? When I generated my private and public keys, I ran gpg --digest-algo sha256 --gen-key and it ran all the way through without any problems.

Any ideas?
Post by tdb » Wed Feb 23, 2005 3:34 am

All you have to do is use the

Code:

gpg --edit-key (keyid/uid)

and then the setpref command to list, in order, the exact preferences for symmetric cipher, hash functions, and compression. You can pick from the choices shown in gpg --version. Set them like this

Code:

setpref S9 S10 H10 Z2 Z0

Then type save. That will set your key to use AES 356, then Twofish for symmetric cipher, only SHA 512 (since it is the only hash listed), and either zlib compression or no compression at all.

Keep in mind these settings only apply to your key, and they are really just a preference. You can't force the other side to use a particular cipher/hash. Older versions of PGP do not support SHA 512, for example.
Post by littlebuddy » Fri Feb 25, 2005 10:01 pm

Just FYI...

As someone getting their PhD in cryptography, I don't think there is any reason to panic about SHA1 at this point, unless your application happens to be top-secret gov't stuff.

The new attack being claimed on SHA1 has estimated complexity of 2^(69) hash operations, well beyond just about anyone's computational ability (save the NSA, maybe). As of yet, there are no published collisions for SHA1.

Also, the paper is not yet public, so no one has had a chance to verify that the attack would work.

By the time this would really become an issue, I would be willing to bet the default hash algorithm in GPG will have changed.

Thanks but Technical

Post by bogusfart » Fri Feb 25, 2005 10:18 pm

Thank you for the response tdb, but it was a little more technical than I have the capacity to understand at this point. Also, I apologize for not getting back sooner, but I've been very busy lately with other things...

Perhaps I'm a bit confused about the technical details and differences between a symmetric cipher and a hash function. I'll read up on it some more whenever I can to see if I can figure it out, but for right now, these are my questions.

The following is output from pref and showpref commands when invoking gpg with --edit-key (keyid/uid):

Code:

Command> pref
pub  1024D/XXXXXXXX  created: 2005-02-22  expires: never       usage: CS
                     trust: ultimate      validity: ultimate
[ultimate] (1). (My Name] <mymail@mymail.com>
     S9 S8 S7 S3 S2 S1 H2 H3 Z2 Z1 [mdc] [no-ks-modify]

Command> showpref
pub  1024D/XXXXXXXX  created: 2005-02-22  expires: never       usage: CS
                     trust: ultimate      validity: ultimate
[ultimate] (1). (My Name] <mymail@mymail.com>
     Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA
     Digest: SHA1, RIPEMD160
     Compression: ZLIB, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

Command>

But this is what I see when I run gpg --version:

Code:

gpg (GnuPG) 1.4.0
[Copyright, etc.]
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512
Compression: Uncompressed, ZIP, ZLIB

  1. Why do these commands show different available algorithms? Do I have to edit a .conf file somewhere to show all the options when I run pref or showpref?
  2. I'm guessing the SX, HX, and ZX (where X is a number) correspond to the cipher, digest (hash), and compression options, respectively. Is this correct? Is your AES356 note a typo and supposed to be AES256?
  3. Which of the ciphers, hashes, and/or compression types above, if any, is PGP not compatible with? I would like to be as compatible as possible with PGP, except for older versions that cannot do SHA256, of course.
  4. What do you mean by "That will set your key to use AES 356, then Twofish for symmetric cipher?"

I'm new to encryption and I am not sure how AES356 (or AES256?) and Twofish create a symmetric cipher or how GPG uses such a cipher. To be completely honest, all I know is that there is a private key used for digital signatures and decryption, and public keys used for encryption and signature verification. Is this much right at least?

I'll do my best to try and sort this out myself, and I'll keep everyone updated in case anyone is curious. Does anyone know of a good yet quick tutorial that is not too technically detailed that can explain all of this for me?

Thanks again.
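
The S/H/Z codes used with pref and setpref in the posts above are OpenPGP algorithm IDs (RFC 4880, section 9). The following is an added example, not part of any post in this thread: it decodes a preference line and compares it with the algorithm lines of `gpg --version`. The function names are hypothetical, and the sample inputs are copied from the output posted above.

```python
import re

# OpenPGP algorithm IDs (RFC 4880, section 9), using the names gpg prints.
ALGOS = {
    "S": ("Cipher", {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "BLOWFISH",
                     7: "AES", 8: "AES192", 9: "AES256", 10: "TWOFISH"}),
    "H": ("Hash", {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
                   9: "SHA384", 10: "SHA512", 11: "SHA224"}),
    "Z": ("Compression", {0: "Uncompressed", 1: "ZIP", 2: "ZLIB", 3: "BZIP2"}),
}

def decode_prefs(pref_line):
    """Turn 'S9 S10 H10 Z2 Z0' into {'Cipher': [...], 'Hash': [...], ...}.
    Bracketed feature flags such as [mdc] are ignored."""
    out = {kind: [] for kind, _ in ALGOS.values()}
    for letter, num in re.findall(r"\b([SHZ])(\d+)\b", pref_line):
        kind, names = ALGOS[letter]
        out[kind].append(names.get(int(num), f"unknown-{letter}{num}"))
    return out

def supported_algos(version_output):
    """Parse the Cipher/Hash/Compression lines of `gpg --version`."""
    out = {}
    for line in version_output.splitlines():
        kind, _, rest = line.partition(":")
        if kind.strip() in ("Cipher", "Hash", "Compression"):
            out[kind.strip()] = [a.strip() for a in rest.split(",")]
    return out

def compare(pref_line, version_output):
    """Return (in prefs but not in build, in build but not in prefs)."""
    prefs, build = decode_prefs(pref_line), supported_algos(version_output)
    unsupported = {k: [a for a in v if a not in build.get(k, [])]
                   for k, v in prefs.items()}
    unlisted = {k: [a for a in build.get(k, []) if a not in prefs[k]]
                for k in prefs}
    return unsupported, unlisted

# `gpg --version` lines and `pref` line as posted in this thread (GnuPG 1.4.0).
VERSION_1_4_0 = """Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512
Compression: Uncompressed, ZIP, ZLIB"""
KEY_PREFS = "S9 S8 S7 S3 S2 S1 H2 H3 Z2 Z1 [mdc] [no-ks-modify]"

if __name__ == "__main__":
    print(decode_prefs(KEY_PREFS))
    print(compare(KEY_PREFS, VERSION_1_4_0))
```

The second result lists SHA256, SHA384 and SHA512 as supported by the build but absent from the preference list stored on the key, which is the list that setpref rewrites.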

littlebuddy's comment

Post by bogusfart » Fri Feb 25, 2005 10:31 pm

Thanks for your comment littlebuddy, but I'd like to get a head start and learn more about PGP/GPG than how to use the "defaults." Defaults usually get the job done, of course, but I'd like to learn a little more than enough to "get by."

I'm not getting my Ph.D. in anything right now. All I have is a BS in (gasp) business (CIS/MIS emphasis), so I'm not a math or science wiz, although I did take some calc and statistics (I've forgotten quite a bit from lack of use...).

I've only been out of school for about nine months (I'm about to be born!), but I'd like to continually learn new things and expand my career opportunities. Do you have any tips for someone like me trying to learn about cryptography and security?

Re: littlebuddy's comment

Post by littlebuddy » Sat Feb 26, 2005 1:42 am

bogusfart wrote: Thanks for your comment littlebuddy, but I'd like to get a head start and learn more about PGP/GPG than how to use the "defaults." Defaults usually get the job done, of course, but I'd like to learn a little more than enough to "get by."

I'm not getting my Ph.D. in anything right now. All I have is a BS in (gasp) business (CIS/MIS emphasis), so I'm not a math or science wiz, although I did take some calc and statistics (I've forgotten quite a bit from lack of use...).

I've only been out of school for about nine months (I'm about to be born!), but I'd like to continually learn new things and expand my career opportunities. Do you have any tips for someone like me trying to learn about cryptography and security?

Sure - I figured you were probably going to change to a different hash function anyway. I just wanted to let people know that the sky isn't falling w/ regard to SHA1.

Cryptography is of course a small subset of security, and I have only been concentrating on the former. For a thorough guide/reference to cryptography, I would recommend the following book:
http://www.cacr.math.uwaterloo.ca/hac/

It's the Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone

Re: littlebuddy's comment

Post by bogusfart » Sat Feb 26, 2005 4:19 pm

littlebuddy wrote: Cryptography is of course a small subset of security, and I have only been concentrating on the former. For a thorough guide/reference to cryptography, I would recommend the following book:
http://www.cacr.math.uwaterloo.ca/hac/

It's the Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone

Thanks for the tip. It looks like a very extensive book, especially considering the price for the hard copy. It seems like a great book to include as course material for a college or graduate student focusing on the subject. I may find a few of the online chapters useful, though. Who knows, maybe I'll end up buying it...

I may not have access to the Net for a few days (or only slooow dial-up), so I may not post any progress or findings for a while. I would appreciate any additional tips though, if anyone has any. I'll be sure to post anything I think others like me may find helpful when I get the chance.