SHA-1 cracked
Alexandre Dulaunoy
adulau at foo.be
Wed Feb 16 09:14:02 EST 2005
On Tue, 15 Feb 2005, Steven M. Bellovin wrote:
> According to Bruce Schneier's blog
> (http://www.schneier.com/blog/archives/2005/02/sha1_broken.html), a
> team has found collisions in full SHA-1. It's probably not a practical
> threat today, since it takes 2^69 operations to do it and we haven't
> heard claims that NSA et al. have built massively parallel hash
> function collision finders, but it's an impressive achievement
> nevertheless -- especially since it comes just a week after NIST stated
> that there were no successful attacks on SHA-1.
and what about HMAC-SHA1 ? Is it reducing the operation required by
the same factor or as the structure of HMAC is so different that the
attack is very unlikely to be practical ?
--
-- Alexandre Dulaunoy (adulau) -- http://www.foo.be/
-- http://pgp.ael.be:11371/pks/lookup?op=get&search=0x44E6CBCD
-- "Knowledge can create problems, it is not through ignorance
-- that we can solve them" Isaac Asimov
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list