This was posted on the PGP-Basics mailing list by Robert J. Hansen:
Some researchers are claiming they’ve been able to make the Shengdong
University attack on SHA-1 a factor of about 2000 times easier. If
their research is correct, that means SHA-1 is now attackable by regular
people.These results are not unexpected. We knew this day would come. For the
last couple of years most crypto nerds have been strongly recommending
people either migrate away from SHA-1 immediately, or at the very least
have a migration plan put together.If you have already migrated — then you may ignore this development.
If you have not — then it is increasingly urgent you do so.
Original URL:
http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
Leave a Reply