On 23 February 2017 at 14:19, Peter Waher <peterwa...@hotmail.com> wrote:

> SHA-1 is used in many places throughout XMPP. Examples include
> authentication mechanisms (SCRAM-SHA-1) and entity capabilities (XEP-0115),
> for instance. Concerning the recent report about vulnerabilities found in
> SHA-1, should there be an effort to upgrade all these to SHA-256 or later?
>
The sky hasn't fallen quite yet. A lot of effort is needed to generate a
collision, and collisions are especially hard to do if you're after a
second preimage attack on a short input.

As far as I'm aware, this is merely a single first preimage attack -
finding two inputs which produce the same output. A second preimage attack
starts with a known, fixed, output (or an input) and attempts to find
another input that will produce it.

An attack on SCRAM, etc, would rely on a second preimage attack, as would
XEP-0115, etc. Quite honestly, SCRAM is far easier to brute-force than
generate a collision, due to the small search space used by passwords,
anyway.

So summary: Yes, we do need to upgrade from SHA-1, but there's no panic,
and we can take the time to do things properly.

Dave.
_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org
_______________________________________________
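The cost gap the reply above relies on, between finding any two inputs with the same output and finding another input for one fixed output, measured on SHA-1 truncated to 16 bits. This is an added example, not part of the original message; the truncation width, function names and sample inputs are constructed for illustration.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest width (assumption); full SHA-1 is 160 bits


def h(data: bytes, bits: int = BITS) -> int:
    """SHA-1 truncated to its top `bits` bits, so searches finish quickly."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big") >> (160 - bits)


def find_collision(prefix: bytes, bits: int = BITS):
    """Attacker picks BOTH inputs: stop at the first repeated digest."""
    seen = {}
    for i in count():
        msg = prefix + str(i).encode()
        tag = h(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg


def find_second_preimage(target: bytes, bits: int = BITS):
    """One input is FIXED: search for a different input with its digest."""
    want = h(target, bits)
    for i in count():
        msg = b"guess-" + str(i).encode()
        if msg != target and h(msg, bits) == want:
            return msg, i + 1


def average_cost(trials: int = 5, bits: int = BITS):
    """Mean hash evaluations per search over constructed sample inputs."""
    coll = sum(find_collision(b"c%d-" % t, bits)[2] for t in range(trials))
    pre = sum(find_second_preimage(b"caps-%d" % t, bits)[1] for t in range(trials))
    return coll / trials, pre / trials


if __name__ == "__main__":
    c, p = average_cost()
    print(f"{BITS}-bit digest: collision ~{c:.0f} hashes, fixed-target match ~{p:.0f} hashes")
    print(f"generic bounds: about 2^{BITS // 2} versus 2^{BITS}")
```

For the full 160-bit digest the same generic bounds are about 2^80 and 2^160 hash evaluations.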
