Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: SHA-1 broken
From: Tollef Fog Heen (tfheenerr.no)
Date: Sat Feb 19 2005 - 07:22:12 CST
| Hey all,
| > We abandon the requirement of collision resistance. This is a
| > strange requirement, and is not supported by experience. Collision
| > resistance
| we might think of changing the requirement of collision resistance
| to "collision resistance in input data that is valid ASCII text". The
| attacks on MD5 used the weak avalanche of the highest-order bit
| in 32-bit words for producing the collision, basically precluding the
| possibility of generating colliding ASCII text.
That's not really useful is you want to sign something in non-English
languages. Valid UTF8 might be a decent requirement, though.
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :