W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2010

RE: Reference for SHA-1 being broken

From: Martin, Cynthia E. <cemartin@mitre.org>
Date: Tue, 12 Jan 2010 18:53:13 -0500
To: Harold Lockhart <hal.lockhart@oracle.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
CC: "Martin, Cynthia E." <cemartin@mitre.org>, Frederick Hirsch <frederick.hirsch@nokia.com>
Message-ID: <6A913BB6ED2E2C43AC275462A83E68490C126BED62@IMCMBX3.MITRE.ORG>
That is the paper I wanted to use as a reference, difficult to find the URL for it though.

Regards, Cynthia


-----Original Message-----
From: public-xmlsec-request@w3.org [mailto:public-xmlsec-request@w3.org] On Behalf Of Harold Lockhart
Sent: Tuesday, January 12, 2010 3:45 PM
To: public-xmlsec@w3.org
Subject: Reference for SHA-1 being broken

Well Wang's team has published a bunch of papers in 2005 and their initial results merely weakened SHA-1, while completely breaking MD-5. However this seems to be the paper which convinced everybody that SHA-1 had to be phased out in fairly short order:


Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1. 
In Shoup, V., editor, Advances in Cryptology - CRYPTO 2005, 
25th Annual International Cryptology Conference, Santa Barbara, California, USA, 
August 14-18, 2005, Proceedings, volume 3621 of LNCS, pages 17–36. Springer, 2005.


Hal

Received on Tuesday, 12 January 2010 23:53:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 12 January 2010 23:53:49 GMT