> Anyone who receives a digital signature based on an MD-5 or SHA-1 hash should be suspicious.

aw, c'mon mike - you don't *really* mean that, do you?

i mean, really - should we be suspicious, just in case someone has been running "SHA1-Crack-2005" for the last 3 days on their 200,000,000 cpu cluster in their basement with each magic cpu capable of 10M hashes per second? (i think i did my math right for 2^69..)

and if i understand correctly, the chinese research only showed it was possible to generate md5 colliding hashes after an hour w/ their top500 supercomputer - but they couldn't actually crack one, and md5 still hasn't ever been cracked by brute force.

so i agree w/ jason and michael in that it's interesting that MD5/SHA1 are "broken" by some definition of broken, and that we should be aware of this - i just want to inject a healthy dose of "so what?" into the scene.

no disrespect intended - just healthy discourse. ;-)

Josh Coates
http://www.jcoates.org

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Halcrow
Sent: Wednesday, February 16, 2005 7:20 PM
To: BYU Unix Users Group
Subject: Re: [uug] SHA-1 is probably broken

On Tue, Feb 15, 2005 at 10:18:43PM -0700, Phillip Hellewell wrote:
> <tinfoil hat>
>
> Hmmmm, come to think of it, how can we trust this so called e-mail and
> so called break of SHA-1. I mean, hey, they didn't even really prove it
> yet, so how do we know it's not just some huge conspiracy; hey, maybe
> someone is trying to impersonate Michael and ruin his good name by
> spreading these nasty rumors!! Since there's no signature, we don't
> really know _WHO_ sent that message!!!
>
> </tinfoil hat>

I certify that the previously sent messages with SHA-1 hashes for the bodies:

ce57b00152bc4d28fb6d1db7c0942d234d7061c5
21d6067691cc57fd69682adc946576cac6f653a7
342abccf1e67c06f89760f0f719fd75221e87b62

were sent by me. You can take your tinfoil hat off now. ;-P

BTW, you can still use GnuPG with a hash that still is not known to be broken. Place this in your gpg.conf or your .gnupg/options file:

digest-algo RIPEMD160

Note this is outside the RFC2440 spec, but it should be supported by any PGP app that's worth its salt.

Anyone who receives a digital signature based on an MD-5 or SHA-1 hash should be suspicious. Well, you should always be suspicious, but in those cases, you should be especially suspicious.

Mike

.___________________________________________________________________.
Michael A. Halcrow
Security Software Engineer, IBM Linux Technology Center
GnuPG Fingerprint: 05B5 08A8 713A 64C1 D35D 2371 2D3C FDDA 3EB6 601D
Friends don't let friends do Windows.

--------------------
BYU Unix Users Group http://uug.byu.edu/
The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG.
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
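A check for the point Mike raises about signatures made over MD5 or SHA-1, added here as an example and not code from the list thread: it reads the hash-algorithm field from the start of an OpenPGP signature packet (the RFC 2440 / RFC 4880 layout) and flags MD5 and SHA-1 so a recipient can tell which digest a received signature actually used. The sample packets are constructed header bytes, not real signatures, and `parse_packet_header`, `signature_hash_algo` and `is_suspicious` are names chosen for this example.

```python
# Added example (not from the list thread): read the hash-algorithm field of an
# OpenPGP signature packet (RFC 2440 / RFC 4880 layout) and flag MD5 or SHA-1.
# The sample packets below are constructed header bytes, not real signatures.

# Hash algorithm ids, RFC 4880 section 9.4
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
              9: "SHA384", 10: "SHA512", 11: "SHA224"}
WEAK_HASHES = {"MD5", "SHA1"}

def parse_packet_header(data):
    """Return (tag, body_offset) for the packet at the start of `data`.
    Handles old- and new-format headers (RFC 4880 section 4.2)."""
    ctb = data[0]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet")
    if ctb & 0x40:                         # new format: tag in the low 6 bits
        first = data[1]
        if first < 192:
            return ctb & 0x3F, 2           # one-octet length
        if first < 224:
            return ctb & 0x3F, 3           # two-octet length
        if first == 255:
            return ctb & 0x3F, 6           # five-octet length
        raise ValueError("partial body lengths not supported")
    tag = (ctb >> 2) & 0x0F                # old format: tag in bits 5..2
    header_len = {0: 2, 1: 3, 2: 5, 3: 1}[ctb & 0x03]
    return tag, header_len

def signature_hash_algo(packet):
    """Name of the hash algorithm declared by a v3 or v4 signature packet."""
    tag, off = parse_packet_header(packet)
    if tag != 2:
        raise ValueError("not a signature packet (tag %d)" % tag)
    body = packet[off:]
    if body[0] == 4:    # v4: version, sig type, pubkey alg, hash alg, ...
        algo_id = body[3]
    elif body[0] == 3:  # v3: version, 0x05, sig type, time(4), key id(8), pubkey alg, hash alg
        algo_id = body[16]
    else:
        raise ValueError("unsupported signature version %d" % body[0])
    return HASH_ALGOS.get(algo_id, "unknown(%d)" % algo_id)

def is_suspicious(packet):
    """True when the signature was made over MD5 or SHA-1."""
    return signature_hash_algo(packet) in WEAK_HASHES

# Constructed samples: only the bytes the parser reads are meaningful.
V4_SHA1_SIG = bytes([0x89, 0x00, 0x10, 0x04, 0x00, 0x01, 0x02]) + b"\x00" * 13
V4_RIPEMD160_SIG = bytes([0xC2, 0x10, 0x04, 0x00, 0x01, 0x03]) + b"\x00" * 13
V3_MD5_SIG = bytes([0x88, 0x13, 0x03, 0x05, 0x00]) + b"\x00" * 12 + bytes([0x01, 0x01])
```

Run `signature_hash_algo` over the first packet of a detached signature (after de-armoring) to see the digest it was made with; `is_suspicious` is the MD5/SHA-1 flag.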
