W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2010

Re: Reference for SHA-1 being broken

From: Frederick Hirsch <Frederick.Hirsch@nokia.com>
Date: Wed, 13 Jan 2010 12:12:49 -0500
Cc: Frederick Hirsch <Frederick.Hirsch@nokia.com>, Peter Saint-Andre <Peter.SaintAndre@webex.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-Id: <D4F4516A-52FF-4312-8383-04C9D0CEE4EE@nokia.com>
To: ext Harold Lockhart <hal.lockhart@oracle.com>
True, it is a reference to a book that can be obtained from a library  
or purchased. Moreover the link provides useful information for  
following up.

RFC 4270 is dated 2005 and I note it states

[[ The attacks against SHA-1 are not feasible with today's computers,
but will be if the attacks are improved or Moore's Law continues to  
make computing power cheaper. ]]
Thus continuing the reference to Wang paper provided by Hal might be  
more appropriate.

regards, Frederick

Frederick Hirsch
Nokia



On Jan 13, 2010, at 12:08 PM, ext Harold Lockhart wrote:

> Well as I understand it, the idea was to cite a detailed  
> cryptographic analysis for those who wished such information. Given  
> that it is not a normative reference, it seems reasonable to provide  
> the reference. After all, people frequently buy books on computer  
> subjects to increase their professional knowledge.
>
> There are a number of problems with citing RFC 4270. First of all,  
> it turns around and cites the Wang papers for details, so there is  
> no improvement there. More importantly, it is seriously out of date.  
> At the time it was written it was thought that collisions were the  
> only problem. It has now been demonstrated that there are forging  
> and key recovery attacks on the order of sqr(n).
>
> Hal
>
>> -----Original Message-----
>> From: Peter Saint-Andre [mailto:Peter.SaintAndre@webex.com]
>> Sent: Wednesday, January 13, 2010 11:49 AM
>> To: Frederick Hirsch; Harold Lockhart
>> Cc: public-xmlsec@w3.org
>> Subject: Re: Reference for SHA-1 being broken
>>
>>
>> Instead of linking to for-pay content, I still think it would
>> be appropriate
>> to reference RFC 4270 <http://tools.ietf.org/html/rfc4270>
>>
>>
>> On 1/13/10 8:26 AM, "Frederick Hirsch"
>> <Frederick.Hirsch@nokia.com> wrote:
>>
>>> thanks, I'll add this to the reference unless anyone objects.
>>>
>>> regards, Frederick
>>>
>>> Frederick Hirsch
>>> Nokia
>>>
>>>
>>>
>>> On Jan 13, 2010, at 10:19 AM, ext Harold Lockhart wrote:
>>>
>>>> Here is a link, but you have to pay to get more than the abstract.
>>>>
>>>> http://www.springerlink.com/content/26vljj3xhc28ux5m/
>>>>
>>>> Hal
>>>>
>>>>> -----Original Message-----
>>>>> From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com]
>>>>> Sent: Tuesday, January 12, 2010 3:58 PM
>>>>> To: Harold Lockhart
>>>>> Cc: Frederick Hirsch; public-xmlsec@w3.org
>>>>> Subject: Re: Reference for SHA-1 being broken
>>>>>
>>>>>
>>>>> thanks. Is there a URL?
>>>>>
>>>>> regards, Frederick
>>>>>
>>>>> Frederick Hirsch
>>>>> Nokia
>>>>>
>>>>>
>>>>>
>>>>> On Jan 12, 2010, at 3:45 PM, ext Harold Lockhart wrote:
>>>>>
>>>>>> Well Wang's team has published a bunch of papers in 2005
>> and their
>>>>>> initial results merely weakened SHA-1, while completely breaking
>>>>>> MD-5. However this seems to be the paper which convinced
>> everybody
>>>>>> that SHA-1 had to be phased out in fairly short order:
>>>>>>
>>>>>>
>>>>>> Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the
>> Full SHA-1.
>>>>>> In Shoup, V., editor, Advances in Cryptology - CRYPTO 2005,
>>>>>> 25th Annual International Cryptology Conference, Santa Barbara,
>>>>>> California, USA,
>>>>>> August 14-18, 2005, Proceedings, volume 3621 of LNCS,
>> pages 17 36.
>>>>>> Springer, 2005.
>>>>>>
>>>>>>
>>>>>> Hal
>>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>
>>
Received on Wednesday, 13 January 2010 17:13:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 13 January 2010 17:13:53 GMT