[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: schneier says sha-1 broken

Dries Schellekens wrote:

-f wrote:

just in case, anybody missed it...

It is not a practical attack yet; 2^69 operations still is very much.

It turns out Schneier did not have access to the paper and misjudged the results.

"it seems that Schneier forgot to mention that the paper has a footnote which says that the attack on full SHA-1 only works if some padding (which SHA-1 requires) is not done."
from: http://www.financialcryptography.com/mt/archives/000355.html

So SHA-1 is not broken at all, only reduced round versions and full SHA-1 without this padding. But these are important results that perhaps can be improved.



Visit your host, monkey.org