Re: SHA-1 broken

My feeling is that a key fingerprint is the *least* of the things thatare in danger from a SHA-1 break.

A key fingerprint is little more than a hash of the key material, thecreation time, and a few constants. There's very little place in thereto manufacture a collision. Fingerprints need little more thanone-way-ness.

Furthermore, it is imperative that a fingerprint be short. The wholereason for having them is that they are short. All the things you wanta fingerprint for require it being short. Twenty bytes is plenty longenough for one. Otherwise just get rid of the fingerprint and justwrite down the key.

Jon

<Prev in Thread]	Current Thread	[Next in Thread>
Re: SHA-1 broken, (continued) Re: SHA-1 broken, Ian G Re: SHA-1 broken, David Shaw Re: SHA-1 broken, Werner Koch Re: SHA-1 broken, Ian G Re: SHA-1 broken, David Shaw Re: SHA-1 broken, Konrad Rosenbaum Re: SHA-1 broken, Konrad Rosenbaum Re: SHA-1 broken, Vlad \"SATtva\" Miller Re: SHA-1 broken, aboietf Re: SHA-1 broken, Ian G Re: SHA-1 broken, Jon Callas <= Re: SHA-1 broken, Lutz Donnerhacke Re: SHA-1 broken, Jon Callas Re: SHA-1 broken, Werner Koch The oracle weakness and the art of disclosure, Ian G Re: SHA-1 broken, Konrad Rosenbaum Re: SHA-1 broken, aboietf Re: SHA-1 broken, Werner Koch Re: SHA-1 broken, "Hal Finney" Re: SHA-1 broken, Werner Koch Re: SHA-1 broken, Ingo Luetkebohle

Previous by Date:	Re: SHA-1 broken, Ian G
Next by Date:	Re: SHA-1 broken, aboietf
Previous by Thread:	Re: SHA-1 broken, Ian G
Next by Thread:	Re: SHA-1 broken, Lutz Donnerhacke
Indexes:	[Date] [Thread] [Top] [All Lists]