[OSM-talk] SHA-1 collision announced by Google
If you develop or run software that uses SHA-1, here's another reason to upgrade to a more secure algorithm: https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html Pine ___ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] SHA-1 collision announced by Google
It's been known for a while that sha1 can generate duplicates. What next the announcement that MD5s have collisions too? On Feb 24, 2017 3:39 PM, "Pine W" wrote: If you develop or run software that uses SHA-1, here's another reason to upgrade to a more secure algorithm: https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html Pine ___ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk ___ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] SHA-1 collision announced by Google
All hashes by their nature can have collisions. The news is there is a practical way to intentionally generate them. It's the first time this is done for SHA-1, at least publicly announced (it wouldn't surprise me if the NSA had secret techniques and computing power to do it already). > On Feb 25, 2017, at 10:21, James wrote: > > It's been known for a while that sha1 can generate duplicates. What next the > announcement that MD5s have collisions too? > > On Feb 24, 2017 3:39 PM, "Pine W" wrote: > If you develop or run software that uses SHA-1, here's another reason to > upgrade to a more secure algorithm: > > https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html > > Pine > ___ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] SHA-1 collision announced by Google
The only one that wouldn't have collisions would be to hash every single bit to produce a 1:1 copy of the file(pretty useless) or bigger. So yes all hashes can create collisions, its more on the probability that it happens to be as low as possible On Feb 25, 2017 8:36 AM, "Nicolás Alvarez" wrote: > All hashes by their nature can have collisions. The news is there is a > practical way to intentionally generate them. It's the first time this is > done for SHA-1, at least publicly announced (it wouldn't surprise me if the > NSA had secret techniques and computing power to do it already). > > On Feb 25, 2017, at 10:21, James wrote: > > It's been known for a while that sha1 can generate duplicates. What next > the announcement that MD5s have collisions too? > > On Feb 24, 2017 3:39 PM, "Pine W" wrote: > > If you develop or run software that uses SHA-1, here's another reason to > upgrade to a more secure algorithm: > > https://security.googleblog.com/2017/02/announcing-first-sha > 1-collision.html > > Pine > > ___ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk
