Use other hash than SHA-1

Raimar Sandner mail at 404not-found.de
Fri May 8 09:26:29 CEST 2009


On Friday 08 May 2009 09:14:27 Raimar Sandner wrote:
> On Friday 08 May 2009 02:09:31 David Shaw wrote:
> > One fear that I've seen talked about for SHA-1 is that an attacker can
> > create a duplicate document such that if you signed document or key A,
> > they could come up with a document or key B that your signature would
> > equally apply to.  That fear is more than a little overblown.  Even
> > MD5 hasn't been broken to that extent.
>
> http://eprint.iacr.org/2005/067.pdf
>
> As far as I understand this paper, MD5 has been broken to that extent. For
> SHA1 you're still right of course.

http://eprint.iacr.org/2009/111.pdf

Sorry, this is the reference I meant... even more impressive :)

