[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: schneier says sha-1 broken



Dries Schellekens wrote:

-f wrote:

just in case, anybody missed it...

http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
It is not a practical attack yet; 2^69 operations still is very much.

It turns out Schneier did not have access to the paper and misjudged the results.


"it seems that Schneier forgot to mention that the paper has a footnote which says that the attack on full SHA-1 only works if some padding (which SHA-1 requires) is not done."
from: http://www.financialcryptography.com/mt/archives/000355.html


So SHA-1 is not broken at all, only reduced round versions and full SHA-1 without this padding. But these are important results that perhaps can be improved.


Cheers,

Dries



Visit your host, monkey.org