nanog mailing list archives
Re: SHA1 collisions proven possisble
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Thu, 23 Feb 2017 15:03:34 -0500
On Feb 23, 2017, at 2:59 PM, Ca By <cb.list6 () gmail com> wrote:
On Thu, Feb 23, 2017 at 10:27 AM Grant Ridder <shortdudey123 () gmail com> wrote:Coworker passed this on to me. Looks like SHA1 hash collisions are now achievable in a reasonable time period https://shattered.io/ -GrantGood thing we "secure" our routing protocols with MD5
MD5 on BGP considered Harmful.
:)
:-) More seriously: The attack (or at least as much as we can glean from the blog post) cannot find a collision (file with same hash) from an arbitrary file. The attack creates two files which have the same hash, which is scary, but not as bad as it could be. For instance, someone cannot take Verisign’s root cert and create a cert which collides on SHA-1. Or at least we do not think they can. We’ll know in 90 days when Google releases the code. -- TTFN, patrick
Current thread:
- SHA1 collisions proven possisble Grant Ridder (Feb 23)
- Re: SHA1 collisions proven possisble Ca By (Feb 23)
- Re: SHA1 collisions proven possisble Patrick W. Gilmore (Feb 23)
- Re: SHA1 collisions proven possisble valdis . kletnieks (Feb 23)
- Re: SHA1 collisions proven possisble Ricky Beam (Feb 23)
- Re: SHA1 collisions proven possisble J. Hellenthal (Feb 23)
- Re: SHA1 collisions proven possisble Royce Williams (Feb 23)
- Re: SHA1 collisions proven possisble Richard Hesse (Feb 25)
- Re: SHA1 collisions proven possisble valdis . kletnieks (Feb 25)
- Re: SHA1 collisions proven possisble Randy Bush (Feb 26)
- Re: SHA1 collisions proven possisble Patrick W. Gilmore (Feb 23)
- Re: SHA1 collisions proven possisble valdis . kletnieks (Feb 23)
- Re: SHA1 collisions proven possisble Jon Lewis (Feb 23)
- Re: SHA1 collisions proven possisble valdis . kletnieks (Feb 23)
- Re: SHA1 collisions proven possisble Ca By (Feb 23)