Quote from: msft1 on August 09, 2012, 10:20 pm
> Quote from: pine on August 09, 2012, 09:52 pm
> > This means if banks are using SHA1, we had better be at least 1 version ahead; indeed we ought to update ASAP when SHA3 comes out later this year, I think.
>
> I disagree that just because a particular PGP implementation uses SHA1, it's easy/trivial to crack. When security folks talk about an algorithm being insecure, they mean that it's _feasible_ to crack it given lots and lots of computing resources. Feasibility means months or years of work.
>
> Besides, PGP doesn't _just_ use plain SHA1. It uses a combination of a few crypto methods, so even if SHA1 was trivial to crack (which it's not) there are still other pieces to deal with.
>
> Now, put this in the context of an SR buyer ordering a few grams of some illegal substance. Who in their right mind would throw a supercomputer at it and then wait months to _hopefully_ get a result?
>
> So my point stands. For the purpose of encrypting the destination address in an SR transaction, this tool is pretty good. It has two huge advantages: easy to use, easy to access. I don't see what all the fuss is about.

msft1, I did not say SHA-1 was easy or trivial to crack.

It is, however, compromised, and has been compromised for 7 years according to Symantec and others. That's not an inconsiderable length of time, and enough for me to think there are organizations with the ability to crack it quickly (if you read about the history of crypto you'll see that the government's intelligence services have long had a tendency to keep the best goodies to themselves and sponsor deprecated encryption standards in order to obtain an edge).

I don't see why you would choose a potentially weak algorithm over a newer, stronger version when there is no opportunity cost to updating your system. You download a new copy of PGP which uses SHA-2. You then import your private key from before. Bang. You are good. Problem gone.

Cryptography is an arms race; there is no good reason to fall behind in it.
It's not as if we're replacing expensive machinery or something. The most you will ever have to do in any kind of update situation is generate a new PGP key pair and inform your contacts of that change, using a message signed with the old private key, if they email you with a message encrypted to the old public key. That's like a maintenance job you do once every two or three years, hardly time-consuming or eternally frustrating.

--

On the issue of feasibility, it is a matter of time, computer power and motivation. We currently have time on our side, but the government's memory is long, so why take any chances?

I mean, SR is not a huge target *right now*, this minute.

But what about in 2020? In 2030? By then quantum computing and powerful cloud networks will be in vogue and available to nearly anybody (quantum computing halves the strength of a PGP key, which is why some people are using keys twice as long as normal, e.g. Liberte's 8192 bit encrypted volume for example). SR itself probably won't be around by then, if for no other reason than DPR retiring to some tropical island, but my point is that the relative importance of darknet black markets is likely to rise considerably in the next decade or two, to put it mildly. People who are not targets today could become targets tomorrow in a world of less expensive CPU cycles and more motivation. To make an example of those dudes who started off the whole thing. Doesn't sound like science fiction to me.
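The practical question behind this exchange is not whether SHA-1 can be broken today but which digest your PGP software is actually using, and which digests your key advertises as preferred, since the "preferred hash algorithms" list on a key is what correspondents consult when they sign or certify. The following is an added example, written for this thread and not code from the forum or from any PGP implementation: a minimal parser for OpenPGP signature packets (RFC 4880) that reports the digest algorithm of each signature and the key's advertised hash preferences, flagging the deprecated ones. The two sample packets are constructed by hand to exercise both header styles; they are not real signatures, and the parser assumes RFC 4880 packet formats without partial-body lengths.

```python
"""Audit which digest algorithms OpenPGP signature packets use (RFC 4880).

Added example for this discussion; not affiliated with any PGP implementation.
Supports v3 and v4 signature packets in old- and new-format packet headers.
"""

# RFC 4880 section 9.4: hash algorithm identifiers.
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160",
              8: "SHA256", 9: "SHA384", 10: "SHA512", 11: "SHA224"}
# Digests a defender should migrate away from for new signatures.
WEAK_HASHES = {"MD5", "SHA1", "RIPEMD160"}
SIG_TAG = 2                 # packet tag for a signature packet
PREF_HASH_SUBPACKET = 21    # "preferred hash algorithms" signature subpacket


def _read_new_length(data: bytes, pos: int) -> tuple[int, int]:
    """Decode a new-format body length (also used for subpacket lengths)."""
    first = data[pos]
    if first < 192:
        return first, pos + 1
    if first < 224:
        return ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
    if first == 255:
        return int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5
    raise ValueError("partial body lengths are not supported by this auditor")


def iter_packets(data: bytes):
    """Yield (tag, body) for each packet in a concatenated OpenPGP byte string."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError(f"invalid packet tag byte at offset {pos}")
        if ctb & 0x40:                        # new-format header
            tag = ctb & 0x3F
            length, body_start = _read_new_length(data, pos + 1)
        else:                                 # old-format header
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate packet length is not supported")
            nbytes = (1, 2, 4)[ltype]
            length = int.from_bytes(data[pos + 1:pos + 1 + nbytes], "big")
            body_start = pos + 1 + nbytes
        yield tag, data[body_start:body_start + length]
        pos = body_start + length


def _iter_subpackets(area: bytes):
    """Yield (type, data) for each signature subpacket; the length covers the type byte."""
    pos = 0
    while pos < len(area):
        length, pos = _read_new_length(area, pos)
        sp_type = area[pos] & 0x7F            # strip the "critical" bit
        yield sp_type, area[pos + 1:pos + length]
        pos += length


def parse_signature(body: bytes) -> dict:
    """Extract the digest used and any advertised hash preferences from a signature body."""
    version = body[0]
    prefs: list[str] = []
    if version == 4:
        hash_id = body[3]                     # version, sig type, pk algo, hash algo
        hashed_len = int.from_bytes(body[4:6], "big")
        for sp_type, sp_data in _iter_subpackets(body[6:6 + hashed_len]):
            if sp_type == PREF_HASH_SUBPACKET:
                prefs = [HASH_ALGOS.get(b, f"unknown({b})") for b in sp_data]
    elif version == 3:
        hash_id = body[16]                    # after version, 5, type, time(4), keyid(8), pk algo
    else:
        raise ValueError(f"unsupported signature version {version}")
    name = HASH_ALGOS.get(hash_id, f"unknown({hash_id})")
    return {"version": version, "hash_algo": name, "weak": name in WEAK_HASHES,
            "preferred_hashes": prefs,
            "weak_preferred_first": bool(prefs) and prefs[0] in WEAK_HASHES}


def audit_signatures(data: bytes) -> list[dict]:
    """Return one finding per signature packet found in the input."""
    return [parse_signature(body) for tag, body in iter_packets(data) if tag == SIG_TAG]


# Constructed sample (not real signatures): a v4 signature in a new-format header
# using SHA1 and advertising SHA1 first, followed by one in an old-format header
# using SHA256 and advertising only SHA-2 digests. MPI and hash-prefix bytes are dummies.
SAMPLE = bytes.fromhex(
    "C2 12 04 13 01 02 00 05 04 15 02 08 0A 00 00 AB CD 00 01 01"
    "88 12 04 13 01 08 00 05 04 15 08 09 0A 00 00 12 34 00 01 01"
)

if __name__ == "__main__":
    for i, finding in enumerate(audit_signatures(SAMPLE)):
        status = "WEAK" if finding["weak"] or finding["weak_preferred_first"] else "ok"
        print(f"signature {i}: v{finding['version']} {finding['hash_algo']} "
              f"prefs={finding['preferred_hashes']} [{status}]")
```

On a real key, the same two fields are what `gpg --list-packets` prints for an exported key or signature (the digest algo of each signature and the pref-hash-algos subpacket), so the check above is a way to read that output programmatically rather than by eye. A key whose preference list still starts with SHA1 is the case the thread is arguing about: the remedy is to regenerate the self-signature with SHA-2 first in the preferences, not to regenerate the key pair.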