On 07/26/2015 01:39 PM, James Starkey wrote:
> Get real. Read about the actual problems. The issue is that there is a
> theoretical problem that a manufactured duplicate collision could be
> manufactured in something like time 2^82, something that nobody has
> actually been able to do.
>
> Sure, SHA-1 has a known weakness. Its replacement probably has an as yet
> unknown weakness as well.
>
> If you were starting over from scratch, you wouldn't want to use SHA-1 to
> avoid wasting time with discussions like this. See also RC4. But the
> problem with SHA-1 doesn't justify the inconvenience of changing it.

I do not see serious inconveniences with it. BTW, what hash can you suggest instead?

> Now, all that said, if the only use of SHA-1 is to flatten the "master key"
> in SRP into a session key, then there is no dependency on SHA-1 as a
> cryptographic hash, only as a randomizing hash, and the weakness is
> irrelevant. But if it's used to store passwords, that's a security problem
> so huge that any SHA-1 weakness doesn't even come into it.
>
> Context is everything.
>

Yes, SHA-1 is used to store password hashes. For SRP an exponent of SHA1(login, salt, password) modulus the prime is stored.

------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
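The stored value described in the reply above, worked through as an added example (not code from the thread or from Firebird's source). It assumes the RFC 5054 construction x = SHA1(salt | SHA1(login ":" password)), v = g^x mod N, with that RFC's 1024-bit group; the byte layout and group Firebird actually uses are not given in the post, and the function names are hypothetical.

```python
import hashlib
import os

# 1024-bit group from RFC 5054, Appendix A. Assumption: Firebird's own
# prime and generator may differ; the thread does not give them.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C"
    "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4"
    "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29"
    "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A"
    "FD5138FE8376435B9FC61D2FC0EB06E3", 16)
G = 2


def srp_x(login, password, salt):
    """Private exponent x = SHA1(salt | SHA1(login ":" password))."""
    inner = hashlib.sha1(f"{login}:{password}".encode("utf-8")).digest()
    return int.from_bytes(hashlib.sha1(salt + inner).digest(), "big")


def srp_verifier(login, password, salt):
    """Value the server stores: v = g^x mod N. The password itself is not stored."""
    return pow(G, srp_x(login, password, salt), N)


def new_account(login, password):
    """Build the (login, salt, verifier) record kept in the user database."""
    salt = os.urandom(16)  # per-user random salt
    return {"login": login, "salt": salt,
            "v": srp_verifier(login, password, salt)}


def matches(record, password):
    """Recompute v for a candidate password and compare with the record.

    One check costs two SHA-1 calls and one modular exponentiation, so the
    record protects a password only as well as the password resists
    guessing; SHA-1 collision resistance plays no part in that cost.
    """
    return srp_verifier(record["login"], password, record["salt"]) == record["v"]


if __name__ == "__main__":
    # Constructed demo input: the test-vector identity from RFC 5054, Appendix B.
    salt = bytes.fromhex("BEB25379D1A8581EB5A727673A2441EE")
    print(f"x = {srp_x('alice', 'password123', salt):040x}")
    print(f"v = {srp_verifier('alice', 'password123', salt):0256x}")
```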
