On Tue, 15 Feb 2005, Steven M. Bellovin wrote: > According to Bruce Schneier's blog > (http://www.schneier.com/blog/archives/2005/02/sha1_broken.html), a > team has found collisions in full SHA-1. It's probably not a practical > threat today, since it takes 2^69 operations to do it and we haven't > heard claims that NSA et al. have built massively parallel hash > function collision finders, but it's an impressive achievement > nevertheless -- especially since it comes just a week after NIST stated > that there were no successful attacks on SHA-1.
and what about HMAC-SHA1 ? Is it reducing the operation required by the same factor or as the structure of HMAC is so different that the attack is very unlikely to be practical ? -- -- Alexandre Dulaunoy (adulau) -- http://www.foo.be/ -- http://pgp.ael.be:11371/pks/lookup?op=get&search=0x44E6CBCD -- "Knowledge can create problems, it is not through ignorance -- that we can solve them" Isaac Asimov --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]