Gadi Evron wrote:
> http://en.epochtimes.com/tools/printer.asp?id=50336
Not a very good article on the topic, which is something like a year old
now.
SHA-1 isn't nearly as broken as MD5, so far. The US Government was
scheduled to replace SHA-1 even before she came up with the better attack.
As I recall, the current best attack is something like a two chosen
plaintext birthday collision attack, with around 67 bits of brute force.
Ideal strength would be 80 bits.
So, I would call SHA-1 "breaking", but not "broken".
BB
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
