Bugtraq mailing list archives
Re: SHA-1 broken
From: Kent Borg <kentborg () borg org>
Date: Wed, 16 Feb 2005 18:27:17 -0500
On Wed, Feb 16, 2005 at 02:56:27PM +0200, Gadi Evron wrote:
Now, we've all seen this coming for a while. http://www.schneier.com/blog/archives/2005/02/sha1_broken.html Where do we go from here?
I am feeling smug that in a project I am working on I earlier decided our integrity hashes would be a concatenation of MD5 and SHA-1, not that that's a fix, but it helps. I am also appreciating that hashes are used (this project included) for many different things, not all of which are directly affected by this break. Yes, this is a bad omen for the longevity of SHA-1 for other uses, so we will keep an eye on it. Something I am intrigued about is more sophiticated compositions of, say, SHA-1 and MD5. -kb
Current thread:
- SHA-1 broken Gadi Evron (Feb 16)
- Re: SHA-1 broken Kent Borg (Feb 17)
- Re: SHA-1 broken Michael Cordover (Feb 17)
- Re: SHA-1 broken dullien (Feb 19)
- Re: SHA-1 broken D.J. Capelis (Feb 19)
- Re: SHA-1 broken Michael Cordover (Feb 20)
- Re: SHA-1 broken Dan Harkless (Feb 19)
- Re: SHA-1 broken Robert Sussland (Feb 17)
- Re: SHA-1 broken dullien (Feb 19)
- Re: SHA-1 broken Darren Reed (Feb 19)
- Re: SHA-1 broken dullien (Feb 19)
- Re: SHA-1 broken Tollef Fog Heen (Feb 19)
- Re: SHA-1 broken dullien (Feb 19)