[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SHA-1 broken

To: "Robert Sussland" <robert@xxxxxxxxxxx>, "Gadi Evron" <gadi@xxxxxxxxxxxxx>
Subject: Re: SHA-1 broken
From: <dullien@xxxxxx>
Date: Thu, 17 Feb 2005 14:42:40 -0800

Hey all,

We abandon the requirement of collision resistance. This is a strange requirement, and is not supported by experience. Collision resistance


we might think of changing the requirement of collision resistance
to "collision resistance in input data that is valid ASCII text". The
attacks on MD5 used the weak avalanche of the highest-order bit
in 32-bit words for producing the collision, basically precluding the
possibility of generating colliding ASCII text.

Cheers,
Thomas Dullien

Follow-Ups:
- Re: SHA-1 broken
  - From: Darren Reed
- Re: SHA-1 broken
  - From: Tollef Fog Heen

References:
- SHA-1 broken
  - From: Gadi Evron
- Re: SHA-1 broken
  - From: Robert Sussland

Prev by Date: Re: SHA-1 broken
Next by Date: MDKSA-2005:043 - Updated xpdf packages fix vulnerabilities on 64 bit platforms
Previous by thread: Re: SHA-1 broken
Next by thread: Re: SHA-1 broken
Index(es):
- Date
- Thread