[IP] One cryptographer's perspective on the SHA-1 result

james hughes hughejp at mac.com
Sun Mar 6 14:30:24 EST 2005

On Mar 4, 2005, at 5:23 PM, James A. Donald wrote:
> The attacks on MD*/SHA* are weak and esoteric.

On this we respectfuly disagree.

You make it sound trivial. Wang has been working on these results for 
over 10 years. She received the largest applause at Crypto 2004 session 
from her peers I have ever seen.

> It is not so fundamentally broken as to justify starting over.

on this I agree.

My recommendation for anyone that listens to (nobody) me is to abandon 
the MD series and SHA algorithms below SHA-256 for everything including 
certificates, pgp and even HMAC. But these are my inclinations. I would 
rather migrate to stronger crypto than have to continually justify why 
I continue to use algorithms that have known weaknesses.


>     --digsig
>          James A. Donald
>      6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
>      4hz2qo1jnDwc3tmFFeyh6lG9sOrXL1783FYSh2s+v

What software do you use for this? Is it ECC or RSA?



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list