Re: RSASSA-PSS using a wounded hash function
- From: "Joseph Ashwood" <ashwood@xxxxxxx>
- Date: Fri, 21 Aug 2009 12:47:08 -0700
"Noob" <root@xxxxxxxxx> wrote in message news:h6jpuf$tne$1@xxxxxxxxxxx
> I'm using LTC to add RSASSA-PSS to a slow (130 MHz) STB.
> I was considering using a "weak" hash function, in order to slow the boot as
> little as possible.
I strongly suggest reconsidering that; cryptographic wounds are not flesh wounds. Best case, the wound festers and slowly poisons.
> What breaks if I use MD5?
Everything.
> Is SHA-1 considered collision-resistant?
> Is it still OK to use SHA-1?
SHA-1 should be considered marginal. It is not critical to rip it out of current products, but it is a bad idea to use it for anything new. Since your target is likely designed to remain on the market for longer than 6 months, I suggest you consider your alternatives. It would also be very helpful for you to consult with a cryptanalyst on the design in depth; there are many little mistakes that we've all seen that can be very hard to understand.
Joe
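An added worked example of what "everything" means here; it is not part of Ashwood's reply and not LibTomCrypt code. It is a minimal RSASSA-PSS (RFC 8017 EMSA-PSS with MGF1) in Python, parametrised by the hash function, that signs one half of the published Wang et al. (2004) MD5 collision pair and checks whether the signature is accepted for the other half. Assumptions: a toy 1024-bit RSA key generated at run time (a real signing key should be 2048 bits or more), a salt length equal to the hash length, and a Miller-Rabin prime test with enough rounds for a demo key.

```python
# Added example (not from the thread, not LibTomCrypt): minimal RSASSA-PSS per
# RFC 8017 (EMSA-PSS + MGF1) over hashlib, parametrised by the hash function, to
# show that a message-hash collision carries a signature from one message to
# another regardless of the PSS construction. Toy 1024-bit key generated at run time.
import hashlib
import hmac
import secrets

def is_probable_prime(n, rounds=32):  # Miller-Rabin; callers only pass large odd candidates
    if n < 2 or any(n % p == 0 for p in (3, 5, 7, 11, 13, 17, 19, 23)):
        return False
    r = ((n - 1) & (1 - n)).bit_length() - 1   # n - 1 = d * 2^r
    d = (n - 1) >> r
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_key(bits=1024, e=65537):  # returns (n, e, d); n is exactly `bits` long
    def prime(k):
        while True:
            c = secrets.randbits(k) | (3 << (k - 2)) | 1   # top two bits and low bit set
            if is_probable_prime(c):
                return c
    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return p * q, e, pow(e, -1, phi)

def mgf1(seed, mask_len, hash_fn):
    h_len = hash_fn().digest_size
    blocks = (hash_fn(seed + c.to_bytes(4, "big")).digest() for c in range(-(-mask_len // h_len)))
    return b"".join(blocks)[:mask_len]

def emsa_pss_encode(msg, em_bits, hash_fn, salt):
    h_len, s_len, em_len = hash_fn().digest_size, len(salt), -(-em_bits // 8)
    if em_len < h_len + s_len + 2:
        raise ValueError("modulus too small for this hash/salt length")
    h = hash_fn(bytes(8) + hash_fn(msg).digest() + salt).digest()  # H = Hash(0^8 || mHash || salt)
    db = bytes(em_len - s_len - h_len - 2) + b"\x01" + salt          # DB = PS || 0x01 || salt
    masked = bytes(a ^ b for a, b in zip(db, mgf1(h, len(db), hash_fn)))
    top = 0xFF >> (8 * em_len - em_bits)                             # clear bits above emBits
    return bytes([masked[0] & top]) + masked[1:] + h + b"\xbc"

def emsa_pss_verify(msg, em, em_bits, hash_fn, s_len):
    h_len, em_len = hash_fn().digest_size, -(-em_bits // 8)
    top = 0xFF >> (8 * em_len - em_bits)
    if len(em) != em_len or em_len < h_len + s_len + 2 or em[-1] != 0xBC:
        return False
    masked, h = em[:em_len - h_len - 1], em[em_len - h_len - 1:-1]
    if masked[0] & ~top & 0xFF:                 # bits above emBits must be zero
        return False
    db = bytearray(a ^ b for a, b in zip(masked, mgf1(h, len(masked), hash_fn)))
    db[0] &= top
    pad = em_len - h_len - s_len - 2
    if any(db[:pad]) or db[pad] != 0x01:        # PS must be all zero, then 0x01
        return False
    h2 = hash_fn(bytes(8) + hash_fn(msg).digest() + bytes(db[pad + 1:])).digest()
    return hmac.compare_digest(h, h2)

def pss_sign(n, d, msg, hash_fn):  # salt length fixed to the hash length (the usual default)
    em = emsa_pss_encode(msg, n.bit_length() - 1, hash_fn, secrets.token_bytes(hash_fn().digest_size))
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(-(-n.bit_length() // 8), "big")

def pss_verify(n, e, msg, sig, hash_fn):
    em_bits, s = n.bit_length() - 1, int.from_bytes(sig, "big")
    if len(sig) != -(-n.bit_length() // 8) or s >= n:
        return False
    try:
        em = pow(s, e, n).to_bytes(-(-em_bits // 8), "big")
    except OverflowError:  # representative does not fit in emLen bytes: invalid
        return False
    return emsa_pss_verify(msg, em, em_bits, hash_fn, hash_fn().digest_size)

# Two distinct 128-byte messages with the same MD5 digest (Wang et al., 2004).
MD5_COLLISION_A = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70")
MD5_COLLISION_B = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70")

def signature_transfers(n, e, d, hash_fn):
    # Sign MD5_COLLISION_A, then ask whether that signature verifies for MD5_COLLISION_B.
    sig = pss_sign(n, d, MD5_COLLISION_A, hash_fn)
    return pss_verify(n, e, MD5_COLLISION_B, sig, hash_fn)
```

With hashlib.md5, signature_transfers returns True: the signature covers mHash, both messages have the same mHash, and nothing in PSS (salt, MGF1, the second hash pass) ever sees the difference. With hashlib.sha256 it returns False. The pair above is an identical-prefix collision of random-looking blocks; chosen-prefix MD5 collisions were public by 2009, and those are what turn this into substituting one boot image for another under a valid signature. Note also where the verifier's time goes: one modular exponentiation with e = 65537 plus two hash computations, one of them over the whole image, so a cheaper hash only shortens that pass.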