McDonald, Hawkes and Pieprzyk claim that they have reduced the collision
strength of SHA-1 to 2^{52}.
Slides here:
http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
Thanks to Paul Hoffman for pointing me to this.
-Ekr
Eric Rescorla writes:
> McDonald, Hawkes and Pieprzyk claim that they have reduced the collision
> strength of SHA-1 to 2^{52}.
>
> Slides here:
> http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
>
> Thanks to Paul Hoffman for pointing me to this.
This is a very important r
On 2009 Apr 30, at 4:31 , Perry E. Metzger wrote:
Eric Rescorla writes:
McDonald, Hawkes and Pieprzyk claim that they have reduced the
collision
strength of SHA-1 to 2^{52}.
Slides here:
http://eurocrypt2009rump.cr.yp.to/
837a0a8086fa6ca714249409ddfae43d.pdf
Thanks to Paul Hoffman for
On Apr 30, 2009, at 4:31 PM, Perry E. Metzger wrote:
Eric Rescorla writes:
McDonald, Hawkes and Pieprzyk claim that they have reduced the
collision
strength of SHA-1 to 2^{52}.
Slides here:
http://eurocrypt2009rump.cr.yp.to/
837a0a8086fa6ca714249409ddfae43d.pdf
Thanks to Paul Hoffman f
Greg Rose writes:
>> This is a very important result. The need to transition from SHA-1
>> is no longer theoretical.
>
> It already wasn't theoretical... if you know what I mean. The writing
> has been on the wall since Wang's attacks four years ago.
Sure, but this should light a fire under peop
On Thu, Apr 30, 2009 at 11:07:31PM -0400, Perry E. Metzger wrote:
>
> Greg Rose writes:
> >> This is a very important result. The need to transition from SHA-1
> >> is no longer theoretical.
> >
> > It already wasn't theoretical... if you know what I mean. The writing
> > has been on the wall si
"Perry E. Metzger" writes:
>Greg Rose writes:
>> It already wasn't theoretical... if you know what I mean. The writing
>> has been on the wall since Wang's attacks four years ago.
>
>Sure, but this should light a fire under people for things like TLS 1.2.
Why?
Seriously, what threat does this p
Peter Gutmann writes:
> "Perry E. Metzger" writes:
>>Greg Rose writes:
>>> It already wasn't theoretical... if you know what I mean. The writing
>>> has been on the wall since Wang's attacks four years ago.
>>
>>Sure, but this should light a fire under people for things like TLS 1.2.
>
> Why?
>
At Sat, 02 May 2009 21:53:40 +1200,
Peter Gutmann wrote:
>
> "Perry E. Metzger" writes:
> >Greg Rose writes:
> >> It already wasn't theoretical... if you know what I mean. The writing
> >> has been on the wall since Wang's attacks four years ago.
> >
> >Sure, but this should light a fire under p
On May 2, 2009, at 5:53, Peter Gutmann wrote:
"Perry E. Metzger" writes:
Greg Rose writes:
It already wasn't theoretical... if you know what I mean. The
writing
has been on the wall since Wang's attacks four years ago.
Sure, but this should light a fire under people for things like TLS
At Sat, 2 May 2009 15:00:36 -0400,
Matt Blaze wrote:
> The serious concern here seems to me not to be that this particular
> weakness is a last straw wedge that enables some practical attack
> against some particular protocol -- maybe it is and maybe it isn't.
> What worries me is that SHA-1 has be
"Perry E. Metzger" writes:
>Home routers and other equipment last for years. If we slowly roll out
>various protocol and system updates now, then in a number of years, when we
>find ourselves with real trouble, a lot of them will already be updated
>because new ones won't have issues.
I'm not re
On Thu, 30 Apr 2009 17:44:53 -0700
Jon Callas wrote:
> The accepted wisdom
> on 80-bit security (which includes SHA-1, 1024-bit RSA and DSA keys,
> and other things) is that it is to be retired by the end of 2010.
That's an interesting statement from a historical perspective -- is it
true? And
On Wed, 6 May 2009 20:54:34 -0400
"Steven M. Bellovin" wrote:
> On Thu, 30 Apr 2009 17:44:53 -0700
> Jon Callas wrote:
>
> > The accepted wisdom
> > on 80-bit security (which includes SHA-1, 1024-bit RSA and DSA keys,
> > and other things) is that it is to be retired by the end of 2010.
>
> T
At 8:54 PM -0400 5/6/09, Steven M. Bellovin wrote:
>On Thu, 30 Apr 2009 17:44:53 -0700
>Jon Callas wrote:
>
>> The accepted wisdom
>> on 80-bit security (which includes SHA-1, 1024-bit RSA and DSA keys,
>> and other things) is that it is to be retired by the end of 2010.
>
>That's an interesting s
On Fri, May 8, 2009 at 10:28 AM, Brandon Enright wrote:
> "Steven M. Bellovin" wrote:
>
>> On Thu, 30 Apr 2009 17:44:53 -0700
>> Jon Callas wrote:
>>
>> > The accepted wisdom
>> > on 80-bit security (which includes SHA-1, 1024-bit RSA and DSA keys,
>> > and other things) is that it is to be ret
16 matches
Mail list logo