Bugtraq mailing list archives

Re: SHA-1 broken

From: <dullien () gmx de>
Date: Thu, 17 Feb 2005 14:42:40 -0800

Hey all,

We abandon the requirement of collision resistance. This is a strangerequirement, and is not supported by experience. Collision resistance


we might think of changing the requirement of collision resistance
to "collision resistance in input data that is valid ASCII text". The
attacks on MD5 used the weak avalanche of the highest-order bit
in 32-bit words for producing the collision, basically precluding the
possibility of generating colliding ASCII text.

Cheers,
Thomas Dullien

Current thread:

SHA-1 broken Gadi Evron (Feb 16)
- Re: SHA-1 broken Kent Borg (Feb 17)
- Re: SHA-1 broken Michael Cordover (Feb 17)
  - Re: SHA-1 broken dullien (Feb 19)
  - Re: SHA-1 broken D.J. Capelis (Feb 19)
    - Re: SHA-1 broken Michael Cordover (Feb 20)
  - Re: SHA-1 broken Dan Harkless (Feb 19)
- Re: SHA-1 broken Robert Sussland (Feb 17)
  - Re: SHA-1 broken dullien (Feb 19)
    - Re: SHA-1 broken Darren Reed (Feb 19)
    - Re: SHA-1 broken dullien (Feb 19)
    - Re: SHA-1 broken Tollef Fog Heen (Feb 19)
    - Re: SHA-1 broken Denis Jedig (Feb 21)
- Re: SHA-1 broken Steve Friedl (Feb 17)
- Re: SHA-1 broken Jonathan G. Lampe (Feb 17)
- <Possible follow-ups>
- RE: SHA-1 broken Scovetta, Michael V (Feb 17)
  - RE: SHA-1 broken Frank Knobbe (Feb 21)
- RE: SHA-1 broken Michael Silk (Feb 19)
  - Re: SHA-1 broken exon (Feb 19)

(Thread continues...)