Re: Embedded certificate image

[Stefan Santesson <stefan@xxxxxxxxxxx>]

Understood,

However, I can't escape that it feels a bit warped if we abandon useful
features because we must design protocols to resist weak hashes instead of
making sure that we can and do use adequate hash algorithms.

On the second point, the data in both SVG and PDF/A are highly structured.
SVG is for example an XML based vector graphic language.

/Stefan


On 09-07-30 4:16 PM, "Miller, Timothy J." <tmiller@xxxxxxxxx> wrote:

>> Russ came up with a concern that all hash attacks loves big chunks of
>> random data that can be used to create collisions. Counter arguments is
>> that this is only a concern is a week hash is used and also that the
>> data has some structure as it is base64 encoded.
> 
> Since no-one knows what the next weakness in any hash will be, this isn't a
> valid counter-argument to Russ's point, IMHO.  SHA1 could be completely
> broken tomorrow.
> 
> Sotirov, Stevens, Lenstra, et.al. would have had an easier time, I should
> think, if there was a big chunk of data in each cert *other* than they key.
> Also, the actual image data is largely unstructrured past the image header;
> but any structure in this data is largely immaterial to a collision
> construction attack.
> 
> -- Tim
>