On Tue, 15 Feb 2005, Steven M. Bellovin wrote:

> According to Bruce Schneier's blog 
> (http://www.schneier.com/blog/archives/2005/02/sha1_broken.html), a 
> team has found collisions in full SHA-1.  It's probably not a practical 
> threat today, since it takes 2^69 operations to do it and we haven't 
> heard claims that NSA et al. have built massively parallel hash 
> function collision finders, but it's an impressive achievement 
> nevertheless -- especially since it comes just a week after NIST stated 
> that there were no successful attacks on SHA-1.

and what  about HMAC-SHA1 ? Is  it reducing the  operation required by
the same factor  or as the structure of HMAC is  so different that the
attack is very unlikely to be practical ?

--                   Alexandre Dulaunoy (adulau) -- http://www.foo.be/
--         http://pgp.ael.be:11371/pks/lookup?op=get&search=0x44E6CBCD
--         "Knowledge can create problems, it is not through ignorance
--                                that we can solve them" Isaac Asimov

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to