SecurityFocus

SHA-1 broken Feb 16 2005 12:56PM
Gadi Evron (gadi tehila gov il) (5 replies)

Re: SHA-1 broken Feb 17 2005 02:44PM
Jonathan G. Lampe (jonathan lampe standardnetworks com)

Re: SHA-1 broken Feb 17 2005 01:28AM
Steve Friedl (steve unixwiz net)

Re: SHA-1 broken Feb 17 2005 01:25AM
Robert Sussland (robert inkwood org) (1 replies)

Re: SHA-1 broken Feb 17 2005 10:42PM
dullien gmx de (2 replies)

Re: SHA-1 broken Feb 19 2005 05:24PM
Darren Reed (avalon caligula anu edu au) (1 replies)

Re: SHA-1 broken Feb 19 2005 05:41PM
dullien gmx de

Re: SHA-1 broken Feb 19 2005 01:22PM
Tollef Fog Heen (tfheen err no) (1 replies)

*

| Hey all,
|
| > We abandon the requirement of collision resistance. This is a
| > strange requirement, and is not supported by experience. Collision
| > resistance
|
| we might think of changing the requirement of collision resistance
| to "collision resistance in input data that is valid ASCII text". The
| attacks on MD5 used the weak avalanche of the highest-order bit
| in 32-bit words for producing the collision, basically precluding the
| possibility of generating colliding ASCII text.

That's not really useful is you want to sign something in non-English
languages. Valid UTF8 might be a decent requirement, though.

--
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :
`. `'
`-

[ reply ]

Re: SHA-1 broken Feb 20 2005 09:45AM
Denis Jedig (seclists syneticon de)

Re: SHA-1 broken Feb 17 2005 01:02AM
Michael Cordover (michael cordover gmail com) (3 replies)

Re: SHA-1 broken Feb 18 2005 02:22AM
Dan Harkless (bugtraq harkless org)

Re: SHA-1 broken Feb 17 2005 11:32PM
D.J. Capelis (djcapelisp yahoo com) (1 replies)

Re: SHA-1 broken Feb 19 2005 03:37AM
Michael Cordover (michael cordover gmail com)

Re: SHA-1 broken Feb 17 2005 10:39PM
dullien gmx de

Re: SHA-1 broken Feb 16 2005 11:27PM
Kent Borg (kentborg borg org)