|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: SHA-1 broken
From: Tollef Fog Heen (tfheen
err.no)
Date: Sat Feb 19 2005 - 07:22:12 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
*
| Hey all,
|
| > We abandon the requirement of collision resistance. This is a
| > strange requirement, and is not supported by experience. Collision
| > resistance
|
| we might think of changing the requirement of collision resistance
| to "collision resistance in input data that is valid ASCII text". The
| attacks on MD5 used the weak avalanche of the highest-order bit
| in 32-bit words for producing the collision, basically precluding the
| possibility of generating colliding ASCII text.
That's not really useful is you want to sign something in non-English
languages. Valid UTF8 might be a decent requirement, though.
--
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :
`. `'
`-
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]