"As of 2012, the most efficient attack against SHA-1 is considered to be the one by Marc Stevens[32] with an estimated cost of $2.77M to break a single hash value by renting CPU power from cloud servers.[33] Stevens developed this attack in a project called HashClash,[34] implementing a differential path attack. On 8 November 2010, he claimed he had a fully working near-collision attack against full SHA-1 working with an estimated complexity equivalent to 2^57.5 SHA-1 compressions. He estimates this attack can be extended to a full collision with a complexity around 2^61."
Source: http://en.wikipedia.org/w/index.php?title=SHA-1&oldid=598619464#Attacks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1288293 Title: GnuPG uses SHA1 for key signatures To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1288293/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
