ietf-openpgp
[Top] [All Lists]

SHA-1 broken

2005-02-16 23:51:16
Hi,

http://www.schneier.com/blog/archives/2005/02/sha1_broken.html

While this attack reduces SHA-1 from strength 2^80 to 2^69 and 2^69 
operations is still unreachably much, likelihood seems high that someone 
will improve this attack once the paper has been released.

Should we phase out SHA-1? But in favour of what?

This also means that DSA/DSS is broken (a downgrade attack becomes 
possible). Should we return to suggesting RSA as signature algorithm?



        Konrad

Attachment: pgpkNTuHKQLo9.pgp
Description: PGP signature

<Prev in Thread] Current Thread [Next in Thread>