Thanks Phill. Folks - this closes out the action I took with no change needed, as expected. Stephen. Hallam-Baker, Phillip wrote: > I discussed this extensively with Kaliski, Shamir, Rivest and Bill Burr at > RSA 2005. > > HMAC-SHA1 is not threatened in any serious extent and there is no obvious > replacement in any case. Burt pointed out that the criteria we use for hash > functions are very very conservative, collisions are much easier than first > or second pre-image. Shamir said that we should not jump to SHA-256, it has > not been examined sufficiently, everyone else seems to concur. > > Phill > > >>-----Original Message----- >>From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie] >>Sent: Friday, February 25, 2005 6:17 AM >>To: Hallam-Baker, Phillip >>Subject: SHA-1 >> >> >> >>Phill, >> >>I took an action at the last xkms concall to check whether we >>think that there's any danger in our current use of HMAC-SHA1 >>related to the recent news. Currently HMAC-SHA1 is a MUST for xkms. >> >>What do you think? >> >>Stephen. >> >> > >Received on Friday, 25 February 2005 17:29:44 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:23 GMT