[Cryptography] [FORGED] Re: Google announces practical SHA-1 collision attack
Alexandre Anzala-Yamajako
anzalaya at gmail.com
Thu Mar 2 07:51:02 EST 2017
2017-03-01 23:55 GMT+01:00 Peter Gutmann <pgut001 at cs.auckland.ac.nz>:
> [...]
>
> Another thing that the report is insufficiently clear about is that this
> isn't
> about creating a collision with an existing document, it's about creating a
> document from scratch that can be manipulated to have two different forms
> but
> the same hash. So it's more a badly-designed-repository-stress-tester
> than a
> signature-forgery attack.
>
> Peter.
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
Isn't what you describe a "second preimage" attack on SHA -1 rather than a
collision.
--
Alexandre Anzala-Yamajako
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170302/67fe02c6/attachment.html>
More information about the cryptography
mailing list