>From Bruce Schneier's weblog: http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
# SHA-1 has been broken. Not a reduced-round version. Not a simplified # version. The real thing. # # The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly # from Shandong University in China) have been quietly circulating a paper # announcing their results: # # * collisions in the the full SHA-1 in 2**69 hash operations, much # * less than the brute-force attack of 2**80 operations based on the # * hash length. # # * collisions in SHA-0 in 2**39 operations. # # * collisions in 58-round SHA-1 in 2**33 operations. # # This attack builds on previous attacks on SHA-0 and SHA-1, and is a # major, major cryptanalytic result. This pretty much puts a bullet into # SHA-1 as a hash function for digital signatures (although it doesn't # affect applications such as HMAC). # # The paper isn't generally available yet. At this point I can't tell if # the attack is real, but the paper looks good and this is a reputable # research team. This appears to be the same research team that published the MD5 collision technique back in August. -andy --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]