Security Basics mailing list archives
RES: sha-1 cryptography
From: "Rodrigo Fernandez" <RodrigoFernandez () cetip com br>
Date: Thu, 22 Dec 2005 17:48:01 -0200
Hi, This are my 2cents, correct me if I'm wrong, please... SHA-1 is not a criptographic algorithm, it's a hash algorithm, and it is known that SHA-1 just as all others SHA algorithms have a finite number os possibilities for a hash code. It means that two objects could generate the same hash code. The person who "broke" it, simply found two completely different objects with the same hash. Nowadays, there are stronger SHA's algorithms, such as SHA-512, with 512 bits combination, which is much more difficult to find hash in common. Remeber, they're still finite... I could not tell you the opinion of specialysts, but I can sure tell you that you should always use the harder algorithm you can! []s -----Mensagem original----- De: Enquiries [mailto:enquiries () globalart4u com] Enviada em: terça-feira, 20 de dezembro de 2005 16:37 Para: Security-Basics (E-mail) Assunto: sha-1 cryptography Dear All I understand that SHa-1 cryptography has been broken by the same person who broke MD5, xiaoyun Wang. So what does that mean for password security and credit card transactions etc. Does that mean we will need to look for other stronger cryptography solutions and if yes what do you recommend, especially for passwords? thanks Tallat www.macklamm.com - moving to brussels? looking for accommodation? www.globalart4u.com - art and crafts - give the gift of originality www.macklamm.org - latest list of vat exempt gold coins for investment now available -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.1/207 - Release Date: 19/12/05 --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------- ******************************************************************************************* Atenção: Esta mensagem foi enviada para uso exclusivo do(s) destinatários(s) acima identificado(s), podendo conter informações e/ou documentos confidencias/privilegiados e seu sigilo é protegido por lei. Caso você tenha recebido por engano, por favor, informe o remetente e apague-a de seu sistema. Notificamos que é proibido por lei a sua retenção, disseminação, distribuição, cópia ou uso sem expressa autorização do remetente. Opiniões pessoais do remetente não refletem, necessariamente, o ponto de vista da CETIP, o qual é divulgado somente por pessoas autorizadas. Attention: This message was sent for exclusive use of the addressees above identified, being able to contain information and or privileged/confidential documents and law protects its secrecies. In case that you it has received for deceit, please, it informs the shipper and erases it of your system. We notify that law forbids its retention, dissemination, distribution, copy or use without express authorization. Personal opinions of the shipper do not reflect, necessarily, the point of view of the CETIP, which is only divulged by authorized people. ******************************************************************************************* --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
Current thread:
- RES: sha-1 cryptography Rodrigo Fernandez (Dec 26)
- Re: sha-1 cryptography Saqib Ali (Dec 28)