At 4:27 PM -0700 4/30/09, Robert Relyea wrote: >Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; >micalg=sha1; boundary="------------ms000907030103030804040502" > >Nelson B Bolyard wrote: >>SHA-1 has taken a significant hit. See >> >>http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf >> >> >For reference, if this is a full SHA-1 break, it's the same 'strength' that >MD-5 has been at for the last 4 years.
This doesn't seem to be the case. MD-5 has been weakened well beyond 2^52. There is a better understanding of how to craft structured collisions. It is likely that SHA-1 will become as weak as MD5 within a few years (as many people have expected), but this paper doesn't bring it to that now. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
