[IP] One cryptographer's perspective on the SHA-1 result
james hughes
hughejp at mac.com
Sun Mar 6 14:30:24 EST 2005
On Mar 4, 2005, at 5:23 PM, James A. Donald wrote:
> The attacks on MD*/SHA* are weak and esoteric.
On this we respectfully disagree.
You make it sound trivial. Wang has been working on these results for
over 10 years. She received the largest applause at Crypto 2004 session
from her peers I have ever seen.
> It is not so fundamentally broken as to justify starting over.
On this I agree.
My recommendation for anyone that listens to (nobody) me is to abandon
the MD series and SHA algorithms below SHA-256 for everything including
certificates, PGP and even HMAC. But these are my inclinations. I would
rather migrate to stronger crypto than have to continually justify why
I continue to use algorithms that have known weaknesses.
$0.02
> --digsig
> James A. Donald
> 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
> QVYtFQAELN4YlZ9xB60CvXTqW8QT8rOABMbJrPXE
> 4hz2qo1jnDwc3tmFFeyh6lG9sOrXL1783FYSh2s+v
What software do you use for this? Is it ECC or RSA?
Thanks
jim
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com