On Sat, 25 Feb 2017 22:12:10 +0100 Miroslav Rovis wrote: > https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html > > ( you know I hate the Schmoog, and didn't take their cookies, and so > they didn't show me their page in my Palemoon --working great here!, an > Angel of Honesty in comparison to Firefox --and if anybody else don't > want Schmoog prying in his machine, likely:
Mass generation of collisions is much easier if document structure is taken into account, e.g. for PDF it is sufficient to compute collision block once and it is possible to generate different PDFs with the same SHA1 hash. On-line service is available together with detailed description: https://alf.nu/SHA1 So danger of SHA1 collision is much closer than 9,223,372,036,854,775,808 SHA1 computations or 1 110-GPU year. Best regards, Andrew Savchenko
pgpdZdRXx8Qdq.pgp
Description: PGP signature
