[Cryptography] sunsetting SHA-1 in Chrome

Ryan Carboni ryacko at gmail.com
Sun Sep 7 15:22:00 EDT 2014


SHA-2 has a better security margin than SHA-1.

To protect against a collision attack which allows someone to pose as an
intermediate authority.

That reminds me, I gave a public comment to NIST, telling them that
SHA-3-224 is useless as everyone should phase away from 112-bit security,
and that there should be a SHA-3-160, since for most uses 80-bit security
is sufficient and is superior for terseness. They didn't listen, crudgy
bureaucrats.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140907/c35579b2/attachment.html>


More information about the cryptography mailing list