[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SHA 1 vs. SHA 256 for Root CA

To: "Paul Hoffman" <paul.hoffman@xxxxxxxx>, "ROGER YOUNGLOVE" <ryounglove1@xxxxxxx>, <ietf-pkix@xxxxxxx>
Subject: RE: SHA 1 vs. SHA 256 for Root CA
From: "Santosh Chokhani" <chokhani@xxxxxxxxxxxx>
Date: Mon, 29 Jan 2007 10:59:37 -0800
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <BAY106-F33A6ECAF0FBDCF9F789787FCA70@xxxxxxx> <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
Thread-index: AcdD1RzqGCx9vnFpS4mDKNUrY0V3iwAALD7QAAByF6A=
Thread-topic: SHA 1 vs. SHA 256 for Root CA

Paul,

It is not clear why pre-image issue is relevant.  The root public key or
self-signed certificate needs protections other than own signature and
hence hashing algorithm strength is not an issue.  Signature on the
certificate buys nothing security wise.

-----Original Message-----
From: owner-ietf-pkix@xxxxxxxxxxxx [mailto:owner-ietf-pkix@xxxxxxxxxxxx]
On Behalf Of Paul Hoffman
Sent: Monday, January 29, 2007 12:23 PM
To: ROGER YOUNGLOVE; ietf-pkix@xxxxxxx
Subject: Re: SHA 1 vs. SHA 256 for Root CA


At 9:38 AM -0500 1/29/07, ROGER YOUNGLOVE wrote:
>i believe that SHA1 is not sufficient for a 20 year root CA lifespan.

It would be useful to know where that belief comes from. To date, 
there have been no suggestions of any weakness for SHA-1 against 
preimage attacks. Also to date, no one has suggested that it is 
possible for anyone to brute-force a cryptographic primitive that 
would require 2^160 iterations.

--Paul Hoffman, Director
--VPN Consortium

References:
- SHA 1 vs. SHA 256 for Root CA
  - From: ROGER YOUNGLOVE
- Re: SHA 1 vs. SHA 256 for Root CA
  - From: Paul Hoffman

Prev by Date: RE: SHA 1 vs. SHA 256 for Root CA
Next by Date: Re: SHA 1 vs. SHA 256 for Root CA
Previous by thread: Re: SHA 1 vs. SHA 256 for Root CA
Next by thread: Re: SHA 1 vs. SHA 256 for Root CA
Index(es):
- Date
- Thread