funsec mailing list archives

Re: another one bites the dust (SHA-1)

From: Blue Boar <BlueBoar () thievco com>
Date: Wed, 21 Mar 2007 08:34:29 -0700

Gadi Evron wrote:

http://en.epochtimes.com/tools/printer.asp?id=50336


Not a very good article on the topic, which is something like a year old
now.

SHA-1 isn't nearly as broken as MD5, so far. The US Government was
scheduled to replace SHA-1 even before she came up with the better attack.

As I recall, the current best attack is something like a two chosen
plaintext birthday collision attack, with around 67 bits of brute force.
Ideal strength would be 80 bits.

So, I would call SHA-1 "breaking", but not "broken".

                                                BB
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

another one bites the dust (SHA-1) Gadi Evron (Mar 21)
- Re: another one bites the dust (SHA-1) Blue Boar (Mar 21)