Re: SHA-1 broken

2005-02-17 07:57:04

David Shaw wrote:

> Rather than trying to jury-rig something together to allow using other
> hashes, I think I would rather just declare a V5 key format (which can
> be essentially the same as V4), which uses a different hash.  Users
> can continue using V4 keys as long as they desire, and developers will
> have time to add support for V5 so it's ready when it is needed.  This
> ties in neatly with other things recently discussed here: for
> example, a V5 key could be said to have AES as the default algorithm.

Having now read the "note" that the Shandong
team distributed, I'm less inclined to think this
is the end of the world.  See my blog for some

Declaring a need for a V5 key makes a lot of
sense, if we believe that we can survive that
long.  However, the first thing would be that
I'd say a redesign of the key structure would
be better than just a minor change to one
element.  I don't think it's worth carrying the
costs of an entire new key structure in code
without making it worth carrying on for the
next N decades.

But, yes, V4 keys are old too.  A good point.