SHA1 broken
Paul Rubin
Wed Feb 16 14:11:42 EST 2005
Irmen de Jong <irmen.NOSPAM at xs4all.nl> writes:
> > Also, the new findings only apply to hash collisions, not to the
> > invertibility of SHA1 hashes - thus, as Schneier points out, uses of
> > keyed hashes (such as HMAC) are not compromised by this.
>
> What about HMAC-MD5?

HMAC-MD5 and HMAC-SHA1 should be affected by the vulnerability in about
the same way. Based on some reasonable assumptions both should still
be secure.

Note also that the 2**69 attack against SHA1 is an important
theoretical result, but nowhere near as bad a practical vulnerability
as the MD5 break which allowed finding real collisions in a few
CPU-hours. As someone on sci.crypt explained the SHA1 attack, "in
motor vehicle terms, SHA1 is a tank and they have discovered a way to
scratch the paint".
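
Added example, not part of the original post: a toy illustration of why a collision in the bare hash does not by itself give a collision in the keyed HMAC tag. It assumes a constructed 24-bit hash (MD5 truncated to 3 bytes) so that a collision can be found by brute force; `toy_hash`, `toy_hmac`, `find_collision` and `KEY` are hypothetical names, and this is not a real MD5 or SHA1 collision.

```python
import hashlib

BLOCK = 64  # MD5 block size in bytes, used for HMAC key padding
KEY = b"constructed-demo-key"  # constructed sample key, unknown to the attacker


def toy_hash(data: bytes) -> bytes:
    """MD5 truncated to 24 bits: weak enough to collide by brute force."""
    return hashlib.md5(data).digest()[:3]


def find_collision():
    """Birthday search: return two distinct messages with equal toy_hash."""
    seen = {}
    i = 0
    while True:
        msg = b"msg-%d" % i
        digest = toy_hash(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg
        i += 1


def toy_hmac(key: bytes, msg: bytes) -> bytes:
    """HMAC construction (RFC 2104) built on toy_hash instead of a full hash."""
    if len(key) > BLOCK:
        key = toy_hash(key)
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return toy_hash(opad + toy_hash(ipad + msg))


def demo():
    """Find an unkeyed collision, then compute the keyed tag of each message."""
    m1, m2 = find_collision()
    return m1, m2, toy_hmac(KEY, m1), toy_hmac(KEY, m2)


if __name__ == "__main__":
    m1, m2, t1, t2 = demo()
    print("messages:     ", m1, m2)
    print("bare hashes:  ", toy_hash(m1).hex(), toy_hash(m2).hex())
    print("HMAC tags:    ", t1.hex(), t2.hex())
```

The collision is found offline against the unkeyed hash; the HMAC inner hash is computed over the secret padded key followed by the message, so the same pair no longer collides.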