faster SHA-1 attacks?
Steven M. Bellovin
smb at cs.columbia.edu
Wed Aug 17 08:37:37 EDT 2005
In message <87d5ocsqic.fsf at snark.piermont.com>, "Perry E. Metzger" writes:
>
>I was unable to watch webcast of the rump session at the Crypto
>conference last night, but I have heard that a proxy announced that
>Wang has an order 2^63 attack on SHA-1. Can anyone confirm that, and
>give details?
>
Shamir gave her rump session talk (and first gave a humorous
presentation on why she couldn't get a visa -- she admitted to
attacking U.S. government systems, and used collisions). She is indeed
claiming a 2^63 attack, and found a new path to use in the attack.
Because of the new path, there is reason to think the attack will get
even better. Shamir noted that 2^63 is within reach of a distributed
Internet effort to actually find one.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list