[Cryptography] TPM and SHA-1
james hughes
hughejp at me.com
Fri Mar 3 19:43:43 EST 2017
On Mar 1, 2017, at 4:28 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
>
> Perry E. Metzger <perry at piermont.com> writes:
>> Does this mean that breaks to SHA-1 potentially can be used against TPM 2.0 as well?
>
> You're asking the wrong question. [...] given the way SHA-1 is used for attestation, is
> there a feasible attack?
Yes, it is hard, but trivial with collusion.
Assume someone can compute a collision and puts one half into the BIOS and then gets that into a product. All the review in the world will not catch a future collision. We are now all vulnerable.
And breaks just keep getting easier.
Jim