
Re: Reference for SHA-1 being broken

From: Frederick Hirsch <Frederick.Hirsch@nokia.com>
Date: Thu, 14 Jan 2010 12:05:24 -0500
Cc: Frederick Hirsch <Frederick.Hirsch@nokia.com>, "Martin, Cynthia E." <cemartin@mitre.org>, ext Peter Saint-Andre <Peter.SaintAndre@webex.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
Message-Id: <9C3F9478-A379-417C-A15A-AD7B15D17D08@nokia.com>
To: ext Harold Lockhart <hal.lockhart@oracle.com>
Hal

I think this has been overtaken by events. Look at the latest draft,
we reference the URL you gave that only gives the abstract as well as  
the full paper version at MIT.

Does the reference look ok now or is there a mistake lurking here?

Thanks!

regards, Frederick

Frederick Hirsch
Nokia



On Jan 14, 2010, at 11:37 AM, ext Harold Lockhart wrote:

> I am not sure if Cynthia's comment is just out of order, but I still  
> don't see a problem with providing a pointer to a non-normative bit  
> of extra information published in a peer reviewed journal, which  
> costs a nominal fee to access.
>
> I fully agree with the idea that if you want to implement a  
> standard, all the information you need should be available free of  
> charge, just as it should not be necessary to pay royalties for any
> IPR. However, not having access to this paper in no way interferes  
> with complying with the spec.
>
> The way this began is that we were citing the NIST doc as the  
> reference for dropping SHA-1. Then it was pointed out that NIST  
> provided no technical rationale, just advice. RFC 4270 also provides  
> no technical rationale, it simply references various papers, which  
> also are not free. If you want something free, why not go back to  
> referencing NIST. If you want technical detail, clearly you must  
> cite the peer reviewed journal articles. IMO it is a good thing that  
> they are peer reviewed, as I do not understand the math well enough to
> verify the correctness of Wang's work. It seems well worth paying a  
> small fee and getting this assurance.
>
> This of course is in addition to the fact that parts of RFC 4270 are
> no longer correct.
>
> Hal
>
>> -----Original Message-----
>> From: Martin, Cynthia E. [mailto:cemartin@mitre.org]
>> Sent: Wednesday, January 13, 2010 7:51 PM
>> To: Frederick Hirsch; ext Peter Saint-Andre
>> Cc: Harold Lockhart; public-xmlsec@w3.org
>> Subject: RE: Reference for SHA-1 being broken
>>
>>
>> I agree, that is a better reference.
>>
>> Regards, Cynthia
>>
>> -----Original Message-----
>> From: public-xmlsec-request@w3.org
>> [mailto:public-xmlsec-request@w3.org] On Behalf Of Frederick Hirsch
>> Sent: Wednesday, January 13, 2010 11:58 AM
>> To: ext Peter Saint-Andre
>> Cc: Frederick Hirsch; ext Harold Lockhart; public-xmlsec@w3.org
>> Subject: Re: Reference for SHA-1 being broken
>>
>> Thanks, I agree this would be a better reference.
>>
>> Hal, Cynthia, others?
>>
>> regards, Frederick
>>
>> Frederick Hirsch
>> Nokia
>>
>>
>>
>> On Jan 13, 2010, at 11:48 AM, ext Peter Saint-Andre wrote:
>>
>>> Instead of linking to for-pay content, I still think it would be
>>> appropriate
>>> to reference RFC 4270 <http://tools.ietf.org/html/rfc4270>
>>>
>>>
>>> On 1/13/10 8:26 AM, "Frederick Hirsch" <Frederick.Hirsch@nokia.com> wrote:
>>>
>>>> thanks, I'll add this to the reference unless anyone objects.
>>>>
>>>> regards, Frederick
>>>>
>>>> Frederick Hirsch
>>>> Nokia
>>>>
>>>>
>>>>
>>>> On Jan 13, 2010, at 10:19 AM, ext Harold Lockhart wrote:
>>>>
>>>>> Here is a link, but you have to pay to get more than the abstract.
>>>>>
>>>>> http://www.springerlink.com/content/26vljj3xhc28ux5m/
>>>>>
>>>>> Hal
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com]
>>>>>> Sent: Tuesday, January 12, 2010 3:58 PM
>>>>>> To: Harold Lockhart
>>>>>> Cc: Frederick Hirsch; public-xmlsec@w3.org
>>>>>> Subject: Re: Reference for SHA-1 being broken
>>>>>>
>>>>>>
>>>>>> thanks. Is there a URL?
>>>>>>
>>>>>> regards, Frederick
>>>>>>
>>>>>> Frederick Hirsch
>>>>>> Nokia
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Jan 12, 2010, at 3:45 PM, ext Harold Lockhart wrote:
>>>>>>
>>>>>>> Well Wang's team has published a bunch of papers in 2005 and their
>>>>>>> initial results merely weakened SHA-1, while completely breaking
>>>>>>> MD-5. However this seems to be the paper which convinced everybody
>>>>>>> that SHA-1 had to be phased out in fairly short order:
>>>>>>>
>>>>>>>
>>>>>>> Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1.
>>>>>>> In Shoup, V., editor, Advances in Cryptology - CRYPTO 2005,
>>>>>>> 25th Annual International Cryptology Conference, Santa Barbara,
>>>>>>> California, USA,
>>>>>>> August 14-18, 2005, Proceedings, volume 3621 of LNCS, pages 17-36.
>>>>>>> Springer, 2005.
>>>>>>>
>>>>>>>
>>>>>>> Hal
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>
>>>>
>>>
>>
>>
>>
>>
Received on Thursday, 14 January 2010 17:06:32 GMT
