[17024] in cryptography@c2.net mail archive
Re: [IP] One cryptographer's perspective on the SHA-1 result
daemon@ATHENA.MIT.EDU (james hughes)
Sun Mar 6 14:46:35 2005
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <42286F54.12746.16BD42@localhost>
Cc: james hughes <hughejp@mac.com>
From: james hughes <hughejp@mac.com>
Date: Sun, 6 Mar 2005 14:30:24 -0500
To: cryptography@metzdowd.com
On Mar 4, 2005, at 5:23 PM, James A. Donald wrote:
> The attacks on MD*/SHA* are weak and esoteric.
On this we respectfully disagree.
You make it sound trivial. Wang has been working on these results for
over 10 years. She received the largest applause at Crypto 2004 session
from her peers I have ever seen.
> It is not so fundamentally broken as to justify starting over.
On this I agree.
My recommendation for anyone that listens to (nobody) me is to abandon
the MD series and SHA algorithms below SHA-256 for everything including
certificates, pgp and even HMAC. But these are my inclinations. I would
rather migrate to stronger crypto than have to continually justify why
I continue to use algorithms that have known weaknesses.
$0.02
> --digsig
> James A. Donald
> 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
> QVYtFQAELN4YlZ9xB60CvXTqW8QT8rOABMbJrPXE
> 4hz2qo1jnDwc3tmFFeyh6lG9sOrXL1783FYSh2s+v
What software do you use for this? Is it ECC or RSA?
Thanks
jim