[193847] in North American Network Operators' Group
Re: SHA1 collisions proven possisble
daemon@ATHENA.MIT.EDU (valdis.kletnieks@vt.edu)
Mon Feb 27 08:39:48 2017
X-Original-To: nanog@nanog.org
From: valdis.kletnieks@vt.edu
X-Google-Original-From: Valdis.Kletnieks@vt.edu
To: Jon Lewis <jlewis@lewis.org>
In-Reply-To: <alpine.LRH.2.02.1702270717320.3485@soloth.lewis.org>
Date: Mon, 27 Feb 2017 08:39:34 -0500
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
--==_Exmh_1488202774_195168P
Content-Type: text/plain; charset=us-ascii
On Mon, 27 Feb 2017 07:23:43 -0500, Jon Lewis said:
> On Sun, 26 Feb 2017, Keith Medcalf wrote:
>
> > So you would need 6000 years of computer time to compute the collision
> > on the SHA1 signature, and how much additional time to compute the
> > trapdoor (private) key, in order for the cert to be of any use?
>
> 1) Wasn't the 6000 years estimate from an article >10 years ago?
> Computers have gotten a bit faster.
No, Google's announcement last week said their POC took 6500 CPU-years
for the first phase and 110 GPU-accelerated for the second phase.
You are totally on target on your second point. A million node botnet
reduces it to right around 60 hours.
--==_Exmh_1488202774_195168P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Comment: Exmh version 2.5 07/13/2001
iQEVAwUBWLQsFo0DS38y7CIcAQInqggAgEuArFvgp7SRn1gZrFgQDeHhgNTkUghI
NgT94LvrWasxq5BzLo1A8vgzR1U1U3R76qBbirsVluYxvN/AT2vzFRJsRCgMa5Af
k7WZNuSvRssd+FBWHD27YEjayc7IdNapnmvkcy3eecV5vVXrPpP7v6GSbAMXCPXv
4AMolQatCBA8mOkLUQNz1Cxqd64IKyFUw0aY9JlrQf+ZZYkwPgO8z2DcPLsqm9+M
MA/n8AVjiAmuAHAm8aTgJqfKdZU4muDHiMwp/RziWYpu9/n0cyf6RKcHcs5CvEDE
40J7q55z4kD6Cs3AWz6Hy6dyGyUIzPZ7jaWlQX7jLg3oso2d7BXjcA==
=6Lq7
-----END PGP SIGNATURE-----
--==_Exmh_1488202774_195168P--
