nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SHA1 collisions proven possisble

From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Thu, 23 Feb 2017 20:56:28 -0500
On Feb 23, 2017, at 6:21 PM, valdis.kletnieks () vt edu wrote:

On Thu, 23 Feb 2017 17:40:42 -0500, "Ricky Beam" said:


cost! However this in no way invalidates SHA-1 or documents signed by
SHA-1.


We negotiate a contract with terms favorable to you.  You sign it (or more
correctly, sign the SHA-1 hash of the document).

I then take your signed copy, take out the contract, splice in a different
version with terms favorable to me.  Since the hash didn't change, your
signature on the second document remains valid.

I present it in court, and the judge says "you signed it, you're stuck with
the terms you signed".

I think that would count as "invalidates documents signed by SHA-1", don't you?


Doesn’t work that way.

According to the blog post, you can create two documents which have the same hash, but you do not know what that hash 
is until the algorithm finishes. You cannot create a document which matches a pre-existing hash, i.e. the one in the 
signed doc. Hence my comment that you can’t take Verisign’s root key and create a new key which matches the hash.

-- 
TTFN,
patrick
Previous By Date Next
Previous By Thread Next

Current thread: