[Top] [All Lists]

Re: [openpgp] Fingerprints and their collisions resistance

2013-01-04 13:56:53
On 01/04/2013 02:53 AM, Christian Aistleitner wrote:
Hi Andrey,

On Thu, Jan 03, 2013 at 03:30:14PM -0800, Andrey Jivsov wrote:
Instead of 80 bit is security (birthday
bounds) SHA-1 is listed as 51 bits on

Since you mention the 51 bits part again and again ...

Do you have any data / research underpinning this 51 (Besides

After all, the cited Wikipedia page links to the retracted variant of
an article :-(

Otherwise, the best /theoretical/ result that I know of is just
above 60.

It looks like this is from the paper "Classification and Generation of Disturbance Vectors for Collision Attacks against SHA-1"
published in 2011 in Designs, Codes and Cryptography
with 27 citations in Google scholar. There you can find a dozen of different copies (or minor revisions?) of the paper and Wikipedia links one of them.

Should we rather say that the _practical_ value is about 60 (it's not to say that 2^60 is that practical, but that there is an expensive but an actionable attack plan). The following post leads the reader to the algorithm :
openpgp mailing list

<Prev in Thread] Current Thread [Next in Thread>