Re: Re-secured Algorithm?

From: Harlan Lieberman-Berg (
Date: 08/19/05

Date: Thu, 18 Aug 2005 19:07:41 -0400

> DSA doesn't require SHA1. Ok, the standard might claim that you have
> to use SHA1, but the algorithm can (as far as I know) be used perfectly
> fine with any other hash algorithm (e.g., SHA-2), as long as you adjust
> the parameter sizes correspondingly.
It was my understanding that SHA-2 was identical to SHA-1, except for
coming in 256, 38something, and 512 bit lengths. Please, correct me if
I'm wrong.

> Third, the workfactor for the best collision attack on SHA1 currently
> known seems to require 2^63 work and a chosen-message attack. That's
> certainly not good, but you may not have to panic just yet.
No, we don't have to panic quite yet. But it is time to start looking for
alternatives and implementing them now, rather than when it is down to a
reasonable crack-time.

Relevant Pages

  • Re: Re-secured Algorithm?
    ... Generate some collisions for everyone to see. ... >using SHA-1 if it means the life of the system will only be ten years? ... SHA-2 is way too new, AND is nowhere near as scrutinized. ... If it turns out that by 2010 there are still no major weaknesses found ...
  • Re: Inertial is a lying cunt
    ... "Dono." ... >> How he can live with himself when he lies so blatantly is beyond a ... >> reasonable persons understanding. ... The lengths he'll go to try to>> cover ...
  • Re: MD5-Checksumme zur =?UTF-8?B?w5xiZXJwcsO8ZnVuZw==?= von Daten sicher?
    ... sicheren Pruefsumme, ob das nun SHA-2, RIPEMD-160 oder Whirlpool ... Die Meinungen über die Sicherheit von WHIRLPOOL gehen weit auseinander. ... Abgesehen davon würde ich SHA-1 nicht als unsicher betrachten. ...
  • Re: Re-secured Algorithm?
    ... "SHA-2" is a collective nickname for hash functions ... - The NIST Secure Hash Standard FIPS 180 defined the original SHA, ... - The updated version FIPS 180-1 defined the SHA variant SHA-1. ... speaking of "the SHA-2 hash function" in singular isn't. ...
  • Re: An Encryption Strategy - Comments Please
    ... SHA-1 is roughly fine for now, NIST states that SHA-1 should be ... collision attacks to an order of 2^63 hashings, ... Moving to SHA-2 would be nice. ...