Bugtraq mailing list archives

Re: SHA-1 broken

From: Darren Reed <avalon () caligula anu edu au>
Date: Sun, 20 Feb 2005 04:24:17 +1100 (Australia/ACT)

In some mail from dullien () gmx de, sie said:


Hey all,

We abandon the requirement of collision resistance. This is a strange 
requirement, and is not supported by experience. Collision resistance


we might think of changing the requirement of collision resistance
to "collision resistance in input data that is valid ASCII text". The
attacks on MD5 used the weak avalanche of the highest-order bit
in 32-bit words for producing the collision, basically precluding the
possibility of generating colliding ASCII text.


And what about the case for (uncompressed) binary images ?

Darren

Current thread:

SHA-1 broken Gadi Evron (Feb 16)
- Re: SHA-1 broken Kent Borg (Feb 17)
- Re: SHA-1 broken Michael Cordover (Feb 17)
  - Re: SHA-1 broken dullien (Feb 19)
  - Re: SHA-1 broken D.J. Capelis (Feb 19)
    - Re: SHA-1 broken Michael Cordover (Feb 20)
  - Re: SHA-1 broken Dan Harkless (Feb 19)
- Re: SHA-1 broken Robert Sussland (Feb 17)
  - Re: SHA-1 broken dullien (Feb 19)
    - Re: SHA-1 broken Darren Reed (Feb 19)
    - Re: SHA-1 broken dullien (Feb 19)
    - Re: SHA-1 broken Tollef Fog Heen (Feb 19)
    - Re: SHA-1 broken Denis Jedig (Feb 21)
- Re: SHA-1 broken Steve Friedl (Feb 17)
- Re: SHA-1 broken Jonathan G. Lampe (Feb 17)
- <Possible follow-ups>
- RE: SHA-1 broken Scovetta, Michael V (Feb 17)
  - RE: SHA-1 broken Frank Knobbe (Feb 21)
- RE: SHA-1 broken Michael Silk (Feb 19)
  - Re: SHA-1 broken exon (Feb 19)
    - Re: SHA-1 broken Peter J. Holzer (Feb 21)

(Thread continues...)