On 22 Jun 2017 19:10, "Evgeny Khramtsov" <xramt...@gmail.com> wrote:
> Thu, 22 Jun 2017 17:13:08 +0100
> Dave Cridland <d...@cridland.net> wrote:
>
> > Well, MD5 is brute-forceable now - you can clock up a lot of them per
> > second on a stolen AWS account.
> >
> > The advice I'm hearing is that SHA-1 will be in range within a couple
> > of years at the current rate of weakening.
>
> Well, yes, there also exist reverse SHA1 tables [1] which make it
> trivial to reverse short passwords, but all this has nothing in common
> with SHA1 collisions, as far as I know.

I think I (more or less) said at the beginning of this year that the sky was absolutely not falling. But SHA-1 is showing its first signs of weakness, so it's prudent to start planning a strategy for moving along to SHA-256 or something.

I agree with you that we can move at whatever speed feels most comfortable - there are no dragons breathing down the backs of our necks on this. As I say, we have, it seems, a couple of years.

> [1] https://sha1.gromweb.com

_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org
_______________________________________________