ietf-openpgp

Re: NIST publishes new DSA draft

2006-03-14 15:01:23

> We might want to think about making SHA-256 be another MUST algorithm.
> The only MUST hash now is SHA-1.  Making SHA-256 be a MUST would make
> these new key sizes be more useful, and also give us an easier fallback
> if SHA-1 should be broken.

SHA-1 was broken last month by three Chinese cryptographers, as reported
by Bruce Schneier through his website.  On February 15, 2006 he wrote of
a new cryptographic result, an attack faster than brute-force against 
SHA-1.  Two days later he wrote an update to his original post and a 
quote from within it:

Earlier this week, three Chinese cryptographers showed that SHA-1 is not 
collision-free. That is, they developed an algorithm for finding collisions
faster than brute force.

...

They can find collisions in SHA-1 in 2^69 calculations, about 2,000 times
faster than brute force. Right now, that is just on the far edge of 
feasibility with current technology. Two comparable massive computations 
illustrate that point.

Reference URL (02/18/2006): http://tinyurl.com/4rl78
Original post (02/15/2006): http://tinyurl.com/4bmcc

With respect to your suggestion about thinking about making SHA-256 a MUST
algorithm, I couldn't agree more.

Cheers,

James

-- 
James Couzens,
Programmer
 ___ __  __  ___ 
| __|  \/  |/ __| The Electric Mail Company
| _|| |\/| | (__  Managed, Secure Email Services
|___|_|  |_|\___| http://www.electricmail.com
                  Direct Line: 604.482.1111 x152
--------------------------------------------------
PGP Key Fingerprint:
B2EF B741 1807 2F24 8B70  F89B 03D2 6CFF C52F 0052

Attachment: signature.asc
Description: This is a digitally signed message part