
RE: Reference for SHA-1 being broken

From: Martin, Cynthia E. <cemartin@mitre.org>
Date: Wed, 13 Jan 2010 19:51:43 -0500
To: Frederick Hirsch <frederick.hirsch@nokia.com>, "ext Edgar, Gerald" <gerald.edgar@boeing.com>
CC: "public-xmlsec@w3.org" <public-xmlsec@w3.org>, "Martin, Cynthia E." <cemartin@mitre.org>
Message-ID: <6A913BB6ED2E2C43AC275462A83E68490C126BF2FC@IMCMBX3.MITRE.ORG>
I agree.

Regards, Cynthia


-----Original Message-----
From: public-xmlsec-request@w3.org [mailto:public-xmlsec-request@w3.org] On Behalf Of Frederick Hirsch
Sent: Wednesday, January 13, 2010 3:03 PM
To: ext Edgar, Gerald
Cc: Frederick Hirsch; public-xmlsec@w3.org
Subject: Re: Reference for SHA-1 being broken

I suggest we provide the official URL Hal provided since it is stable  
and indicates how to get more information. I suggest we also include  
the URL Gerald mentioned, thus the reference would read:

X. Wang, Y.L. Yin, H. Yu. Finding Collisions in the Full SHA-1. In
Shoup, V., editor, Advances in Cryptology - CRYPTO 2005, 25th Annual
International Cryptology Conference, Santa Barbara, California, USA,
August 14-18, 2005, Proceedings, volume 3621 of LNCS, pages 17-36.
Springer, 2005. URL: http://people.csail.mit.edu/yiqun/SHA1AttackProceedingVersion.pdf
(also published in http://www.springerlink.com/content/26vljj3xhc28ux5m/)


Does this make sense?  Any corrections, suggestions?

regards, Frederick

Frederick Hirsch
Nokia



On Jan 13, 2010, at 1:25 PM, ext Edgar, Gerald wrote:

> There is a presentation of the Crypto 2005 "Rump session" on SHA-1  
> at http://www.iacr.org/conferences/crypto2005/r/2.pdf
> There is also a copy of the original paper at http://people.csail.mit.edu/yiqun/SHA1AttackProceedingVersion.pdf
> The formal reference to Springer is stable, but if people search,  
> they can find a copy they do not have to pay for, if that is the  
> objection.
>
>
> Gerald Edgar, CISSP
> Enterprise Architecture & Information Security
>
> Cell: 425-503-3912
>
> -----Original Message-----
> From: public-xmlsec
> Sent: Wednesday, January 13, 2010 9:08 AM
> To: Peter Saint-Andre; Frederick Hirsch
> Cc: public-xmlsec@w3.org
> Subject: RE: Reference for SHA-1 being broken
>
> Well as I understand it, the idea was to cite a detailed  
> cryptographic analysis for those who wished such information. Given  
> that it is not a normative reference, it seems reasonable to provide  
> the reference. After all, people frequently buy books on computer  
> subjects to increase their professional knowledge.
>
> There are a number of problems with citing RFC 4270. First of all,  
> it turns around and cites the Wang papers for details, so there is  
> no improvement there. More importantly, it is seriously out of date.  
> At the time it was written it was thought that collisions were the  
> only problem. It has now been demonstrated that there are forging  
> and key recovery attacks on the order of sqr(n).
>
> Hal
>
>> -----Original Message-----
>> From: Peter Saint-Andre [mailto:Peter.SaintAndre@webex.com]
>> Sent: Wednesday, January 13, 2010 11:49 AM
>> To: Frederick Hirsch; Harold Lockhart
>> Cc: public-xmlsec@w3.org
>> Subject: Re: Reference for SHA-1 being broken
>>
>>
>> Instead of linking to for-pay content, I still think it would be
>> appropriate to reference RFC 4270 <http://tools.ietf.org/html/rfc4270>
>>
>>
>> On 1/13/10 8:26 AM, "Frederick Hirsch"
>> <Frederick.Hirsch@nokia.com> wrote:
>>
>>> thanks, I'll add this to the reference unless anyone objects.
>>>
>>> regards, Frederick
>>>
>>> Frederick Hirsch
>>> Nokia
>>>
>>>
>>>
>>> On Jan 13, 2010, at 10:19 AM, ext Harold Lockhart wrote:
>>>
>>>> Here is a link, but you have to pay to get more than the abstract.
>>>>
>>>> http://www.springerlink.com/content/26vljj3xhc28ux5m/
>>>>
>>>> Hal
>>>>
>>>>> -----Original Message-----
>>>>> From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com]
>>>>> Sent: Tuesday, January 12, 2010 3:58 PM
>>>>> To: Harold Lockhart
>>>>> Cc: Frederick Hirsch; public-xmlsec@w3.org
>>>>> Subject: Re: Reference for SHA-1 being broken
>>>>>
>>>>>
>>>>> thanks. Is there a URL?
>>>>>
>>>>> regards, Frederick
>>>>>
>>>>> Frederick Hirsch
>>>>> Nokia
>>>>>
>>>>>
>>>>>
>>>>> On Jan 12, 2010, at 3:45 PM, ext Harold Lockhart wrote:
>>>>>
>>>>>> Well Wang's team has published a bunch of papers in 2005 and their
>>>>>> initial results merely weakened SHA-1, while completely breaking
>>>>>> MD-5. However this seems to be the paper which convinced everybody
>>>>>> that SHA-1 had to be phased out in fairly short order:
>>>>>>
>>>>>>
>>>>>> Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1.
>>>>>> In Shoup, V., editor, Advances in Cryptology - CRYPTO 2005, 25th
>>>>>> Annual International Cryptology Conference, Santa Barbara,
>>>>>> California, USA, August 14-18, 2005, Proceedings, volume 3621 of
>>>>>> LNCS, pages 17-36.
>>>>>> Springer, 2005.
>>>>>>
>>>>>>
>>>>>> Hal
>>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>
>>
>
>
Received on Thursday, 14 January 2010 00:52:18 GMT
