Re: SHA-1 broken


On Thu, 17 Feb 2005 16:49:27 -0800 (PST), "Hal Finney" said:

alternative views that SHA-1 is just fine and/or that SHA-2 is no better.
I don't think SHA-1 is just fine and I do think that SHA-2 is better.
Where we go with that is still open for discussion.


I agree with your reasoning. 

We should however not kick out SHA-1 from all places where it is now
used and replace it by SHA-256 before we understand the new attack.
If we recall the DES development, the NSA knew techniques which got
invented in open research only years later.  Hopefully that is the
case with SHA-2 too.


Shalom-Salam,

   Werner

<Prev in Thread]	Current Thread	[Next in Thread>
Re: SHA-1 broken, (continued) Re: SHA-1 broken, Ian G Re: SHA-1 broken, Jon Callas Re: SHA-1 broken, Lutz Donnerhacke Re: SHA-1 broken, Jon Callas Re: SHA-1 broken, Werner Koch The oracle weakness and the art of disclosure, Ian G Re: SHA-1 broken, Konrad Rosenbaum Re: SHA-1 broken, aboietf Re: SHA-1 broken, Werner Koch Re: SHA-1 broken, "Hal Finney" Re: SHA-1 broken, Werner Koch <= Re: SHA-1 broken, Ingo Luetkebohle Re: SHA-1 broken, Ian G Re: SHA-1 broken, aboietf Re: SHA-1 broken, Werner Koch

Previous by Date:	Re: SHA-1 broken, Werner Koch
Next by Date:	The oracle weakness and the art of disclosure, Ian G
Previous by Thread:	Re: SHA-1 broken, "Hal Finney"
Next by Thread:	Re: SHA-1 broken, Ingo Luetkebohle
Indexes:	[Date] [Thread] [Top] [All Lists]