[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SHA-1 broken

To: Werner Koch <wk@xxxxxxxxx>
Subject: Re: SHA-1 broken
From: Ingo Luetkebohle <ingo@xxxxxxxxxxxxxx>
Date: Fri, 18 Feb 2005 13:26:55 +0100
Cc: "\"Hal Finney\"" <hal@xxxxxxxxxx>, ietf-openpgp@xxxxxxx
In-reply-to: <87d5uyf548.fsf@xxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
References: <20050218004927.CB72957EBA@xxxxxxxxxx> <87d5uyf548.fsf@xxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx

On Fri, 2005-02-18 at 13:02 +0100, Werner Koch wrote:
> We should however not kick out SHA-1 from all places where it is now
> used and replace it by SHA-256 before we understand the new attack.

Hmm, maybe this is stupid and it is definetely more effort
computationally, but what about using several hashing methods
simultaneously, mandating that all hashes have to check out?

regards

-- 
Ingo

Follow-Ups:
- Re: SHA-1 broken
  - From: Ian G

References:
- Re: SHA-1 broken
  - From: "Hal Finney"
- Re: SHA-1 broken
  - From: Werner Koch

Prev by Date: The oracle weakness and the art of disclosure
Next by Date: Re: SHA-1 broken
Previous by thread: Re: SHA-1 broken
Next by thread: Re: SHA-1 broken
Index(es):
- Date
- Thread