On Wed, 16 Feb 2005 16:07:10 -0700, Josh Coates <[EMAIL PROTECTED]> wrote:
> 
> >If you can't believe Schneier, Kaminsky and Rescorla, then there's not much
> >else I can do for you.
> 
> first off, i'm just like most engineers - we don't just blindly give
> credibility to "quoted experts" - we examine things ourselves, and right
> now, there is nothing to examine except a bunch of blogs.
> 
> and second, i basically believe the quote from kaminsky:
> "...the attacks are not wildly practical, and in most cases exposure remains
> thankfully limited, for now."
> 
> >The attacks /are/ important, the hash functions are no longer secure, and
> >supercomputers have very little to do with it.
> 
> and third, i'm assuming you read the md5 paper?  they couldn't have done
> their work w/o their supercomputer.  (that's what kaminsky means when he
> says "not wildly practical") so yes, supercomputers have a lot to do with
> it.  and as far as the attacks being important, sure, i guess they are
> noteworthy in the world of cryptography, but all it is is an indication that
> SHA1 may be retiring sometime soon. BFD.
> 
> and finally, since we really don't know anything about the SHA-1 work they
> did, it's all hysterical speculation.  sorry i'm not more hysterical about
> it, but if it's anything like their md5 paper, then i don't think it's a big
> deal unless you are a cryptophile - in which case, it's fun to talk about
> and rant and rave about the grave implications, blah blah blah - but it's
> mostly "move along, nothing to see here."
> 
> but hey, i'm not mr. crypto-zealot, and maybe i'm missing something here.  i
> like learning new things, so if you can explain to us in simple terms why we
> should be gravely concerned about a SHA1 collision in 2^69 hashes, i'd love
> to hear about it.

So what I gather from all this is, basically, it's not time to shut
down the internet until new more better hashes are found, md5 and SHA1
are still workable for now (Josh, other pragmatic engineers), but be
aware that these discoveries confirm that md5 and SHA1 are not
foolproof, and that technology is catching up (Jason, Mike, and other
security buffs).

Right?

Bryan

--------------------
BYU Unix Users Group 
http://uug.byu.edu/ 

The opinions expressed in this message are the responsibility of their
author.  They are not endorsed by BYU, the BYU CS Department or BYU-UUG. 
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
