Re: MD5 math question

[Tim <tim-security () sentinelchicken org>]

> Nopes. Or I bought the propaganda saying "an incorrect implementation of 
> SHA1 has been broken". Shame on me either way. So what are we left with? 
> SHA-<lots-of-numbers-higher-than-1> ?

Ah, yeah... There was some sort of f-up with the implementation.  They
were able to quickly fix that and show that their methods still work
with the real thing.

Well, there's SHA-{224,256,384,512}[1], but those are all built on the
same math as SHA-1.  They are almost surely more difficult to break,
with respect to collisions, than SHA-1, but it's still hard to trust
them.

Some alternatives are Tiger and Whirlpool, but I don't know if these
have had enough scrutiny yet to be trusted.  NIST recently hosted a
workshop[2] on the issues of replacing SHA-1, and they have some
presentation slides online[3] which may be helpful.


cheers,
tim




1. http://csrc.nist.gov/cryptval/shs.htm
2. http://www.csrc.nist.gov/pki/HashWorkshop/index.html
3. http://www.csrc.nist.gov/pki/HashWorkshop/program.htm

-------------------------------------------------------------------------------
Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. See for yourself. 
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
-------------------------------------------------------------------------------