[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: schneier says sha-1 broken

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: schneier says sha-1 broken
From: Dries Schellekens <gwyllion_(_at_)_ulyssis_(_dot_)_org>
Date: Thu, 17 Feb 2005 14:54:45 +0100

Dries Schellekens wrote:

-f wrote:
just in case, anybody missed it...
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
It is not a practical attack yet; 2^69 operations still is very much.

It turns out Schneier did not have access to the paper and misjudged the results.

"it seems that Schneier forgot to mention that the paper has a footnote which says that the attack on full SHA-1 only works if some padding (which SHA-1 requires) is not done." from: http://www.financialcryptography.com/mt/archives/000355.html

So SHA-1 is not broken at all, only reduced round versions and full SHA-1 without this padding. But these are important results that perhaps can be improved.


Cheers,

Dries

Follow-Ups:
- Re: schneier says sha-1 broken
  - From: Dries Schellekens
- Re: schneier says sha-1 broken
  - From: Dries Schellekens

References:
- schneier says sha-1 broken
  - From: -f

Prev by Date: Re: PF, Bridge, and IP on bridged interface [more]
Next by Date: pf + synproxy
Previous by thread: schneier says sha-1 broken
Next by thread: Re: schneier says sha-1 broken
Index(es):
- Date
- Thread

Visit your host, monkey.org