Bugtraq mailing list archives
Re: SHA-1 broken
From: Tollef Fog Heen <tfheen () err no>
Date: Sat, 19 Feb 2005 14:22:12 +0100
* | Hey all, | | > We abandon the requirement of collision resistance. This is a | > strange requirement, and is not supported by experience. Collision | > resistance | | we might think of changing the requirement of collision resistance | to "collision resistance in input data that is valid ASCII text". The | attacks on MD5 used the weak avalanche of the highest-order bit | in 32-bit words for producing the collision, basically precluding the | possibility of generating colliding ASCII text. That's not really useful is you want to sign something in non-English languages. Valid UTF8 might be a decent requirement, though. -- Tollef Fog Heen ,''`. UNIX is user friendly, it's just picky about who its friends are : :' : `. `' `-
Current thread:
- Re: SHA-1 broken, (continued)
- Re: SHA-1 broken Kent Borg (Feb 17)
- Re: SHA-1 broken Michael Cordover (Feb 17)
- Re: SHA-1 broken dullien (Feb 19)
- Re: SHA-1 broken D.J. Capelis (Feb 19)
- Re: SHA-1 broken Michael Cordover (Feb 20)
- Re: SHA-1 broken Dan Harkless (Feb 19)
- Re: SHA-1 broken Robert Sussland (Feb 17)
- Re: SHA-1 broken dullien (Feb 19)
- Re: SHA-1 broken Darren Reed (Feb 19)
- Re: SHA-1 broken dullien (Feb 19)
- Re: SHA-1 broken Tollef Fog Heen (Feb 19)
- Re: SHA-1 broken Denis Jedig (Feb 21)
- Re: SHA-1 broken dullien (Feb 19)
- RE: SHA-1 broken Frank Knobbe (Feb 21)
- Re: SHA-1 broken exon (Feb 19)
- Re: SHA-1 broken Peter J. Holzer (Feb 21)
- Re: SHA-1 broken Brian May (Feb 19)