W3C home > Mailing lists > Public > www-xkms@w3.org > February 2005

Re: SHA-1

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Fri, 25 Feb 2005 17:30:43 +0000
Message-ID: <421F60C3.6060505@cs.tcd.ie>
To: "Www-Xkms (E-mail)" <www-xkms@w3.org>
Cc: "Hallam-Baker, Phillip" <pbaker@verisign.com>


Thanks Phill.

Folks - this closes out the action I took with no change
needed, as expected.

Stephen.

Hallam-Baker, Phillip wrote:

> I discussed this extensively with Kaliski, Shamir, Rivest and Bill Burr at
> RSA 2005. 
> 
> HMAC-SHA1 is not threatened in any serious extent and there is no obvious
> replacement in any case. Burt pointed out that the criteria we use for hash
> functions are very very conservative, collisions are much easier than first
> or second pre-image. Shamir said that we should not jump to SHA-256, it has
> not been examined sufficiently, everyone else seems to concur.
> 
> 	Phill
> 
> 
>>-----Original Message-----
>>From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie] 
>>Sent: Friday, February 25, 2005 6:17 AM
>>To: Hallam-Baker, Phillip
>>Subject: SHA-1
>>
>>
>>
>>Phill,
>>
>>I took an action at the last xkms concall to check whether we 
>>think that there's any danger in our current use of HMAC-SHA1 
>>related to the recent news. Currently HMAC-SHA1 is a MUST for xkms.
>>
>>What do you think?
>>
>>Stephen.
>>
>>
> 
> 
Received on Friday, 25 February 2005 17:29:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:23 GMT