At 19:04 +0000 on 12/19/2005, john gilmore wrote about first MD5 and now SHA-1:
Shiaoyun Wang has done it again! After breaking MD5 last year, she
has now broken SHA-1. The NSA's own pridefully recommended
encryption system now affords not even minimal security.
Look to the situations in which you are using it, directly or at one remove.
You have to look at the MD5 and SHA-1 "Braking" in context. What has
been done is the ability to create lots of messages and yield two of
these messages with the same hash in much fewer attempts than pure
chance would require. The methods do NOT allow you to force the
"matching" message to have the same hash as another nor does it allow
the alteration of a message while keeping the hash (either of which
would compromise the systems from a security viewpoint).
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
