On Mon, Sep 19, 2005 at 02:16:10PM +0100, Michael Rogers wrote:
> Yongqian Li wrote:
>
> >SHA1 has recently been broken (see
> >http://www.virusbtn.com/news/virus_news/2005/08_29.xml). Will support
> >for a stronger hash be added in Freenet 0.7?
>
> As far as I know the collision-resistant property of SHA-1 has been
> broken, but the second-preimage-resistant property hasn't. In other
> words it's possible to generate two messages with the same hash, but
> it's impossible to find a second message with the same hash as a given
> message.

Attacks always get better. The correct response is to upgrade to
SHA-256, and when the dust settles hopefully there will be a consensus
on a better hash.

>
> I think Freenet requires second-preimage-resistance rather than
> collision-resistance, although I could well be wrong. For example, if
> someone wants to insert two new files under the same CHK, is it really a
> problem? I can see how it would be a problem if someone could insert a
> second file under an existing CHK, but that isn't possible with the
> attacks that have been published so far.

Well.. there are some obscure attacks maybe. But the point is that once
you have a practical birthday paradox attack, the hash is broken, and a
second preimage attack is very likely to be found in the future.

>
> On the other hand perhaps there are social attacks where, for example,
> you create two files with the same hash, get someone to publish the
> first file and then claim that they published the second? I suppose this
> could be used to undermine the credibility of public-key-based pseudonyms.

Right, even the birthday paradox attack can be of *some* use, especially
if combined with social engineering. But it's not a particularly serious
concern.

>
> Cheers,
> Michael

--
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
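An added example, not part of the original thread and not Freenet code: it contrasts the two properties discussed above on a toy key, using generic brute force rather than the published SHA-1 attack. The 16-bit truncation, the `toy_chk` name and the sample file contents are assumptions chosen so the searches finish quickly.

```python
import hashlib
from itertools import count

BITS = 16  # toy key width (assumption); real SHA-1 output is 160 bits


def toy_chk(data: bytes, bits: int = BITS) -> int:
    """Hypothetical stand-in for a content hash key: top `bits` bits of SHA-1."""
    digest = hashlib.sha1(data).digest()
    return int.from_bytes(digest, "big") >> (160 - bits)


def find_collision(bits: int = BITS):
    """Both files are chosen freely: birthday search, about 2**(bits/2) tries."""
    seen = {}
    for i in count():
        msg = b"file-%d" % i  # constructed sample content
        key = toy_chk(msg, bits)
        if key in seen:
            return seen[key], msg, i + 1
        seen[key] = msg


def find_second_preimage(target: bytes, bits: int = BITS, limit: int = 1 << 22):
    """The key of an existing file must be matched: about 2**bits tries."""
    want = toy_chk(target, bits)
    for i in range(limit):
        msg = b"forged-%d" % i  # constructed sample content
        if msg != target and toy_chk(msg, bits) == want:
            return msg, i + 1
    return None, limit


if __name__ == "__main__":
    a, b, n = find_collision()
    print("two new files, same key: %r / %r after %d tries" % (a, b, n))
    existing = b"existing published file"
    forged, m = find_second_preimage(existing)
    print("match for existing key: %r after %d tries" % (forged, m))
```

Doubling the key width squares the second-preimage work but only doubles the exponent of the birthday search, which is why a hash is retired once collisions become practical.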
