RE: Reference for SHA-1 being broken

I am not sure if Cynthia's comment is just out of order, but I still don't see a problem with providing a pointer to a non-normative bit of extra information published in a peer reviewed journal, which costs a nominal fee to access.

I fully agree with the idea that if you want to implement a standard, all the information you need should be available free of charge, just as it should not be necessary to pay royalities for any IPR. However, not having access to this paper in no way interferes with complying with the spec.

The way this began is that we were citing the NIST doc as the reference for dropping SHA-1. Then it was pointed out that NIST provided no technical rationale, just advice. RFC 4270 also provides no technical rationale, it simply references various papers, which also are not free. If you want something free, why not go back to referencing NIST. If you want technical detail, clearly you must cite the peer reviewed journal articles. IMO it is a good thing that they are peer review, as I do not understand the math well enough to verify the correctness of Wang's work. It seems well worth paying a small fee and getting this assurance.

This of course is in addtion to the fact that parts of RFC 4270 are no longer correct.

Hal

> -----Original Message-----
> From: Martin, Cynthia E. [mailto:cemartin@mitre.org]
> Sent: Wednesday, January 13, 2010 7:51 PM
> To: Frederick Hirsch; ext Peter Saint-Andre
> Cc: Harold Lockhart; public-xmlsec@w3.org
> Subject: RE: Reference for SHA-1 being broken
> 
> 
> I agree, that is a better reference.
> 
> Regards, Cynthia
> 
> -----Original Message-----
> From: public-xmlsec-request@w3.org 
> [mailto:public-xmlsec-request@w3.org] On Behalf Of Frederick Hirsch
> Sent: Wednesday, January 13, 2010 11:58 AM
> To: ext Peter Saint-Andre
> Cc: Frederick Hirsch; ext Harold Lockhart; public-xmlsec@w3.org
> Subject: Re: Reference for SHA-1 being broken
> 
> Thanks, I agree this would be a better reference.
> 
> Hal, Cynthia, others?
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia
> 
> 
> 
> On Jan 13, 2010, at 11:48 AM, ext Peter Saint-Andre wrote:
> 
> > Instead of linking to for-pay content, I still think it would be  
> > appropriate
> > to reference RFC 4270 <http://tools.ietf.org/html/rfc4270>
> >
> >
> > On 1/13/10 8:26 AM, "Frederick Hirsch" 
> <Frederick.Hirsch@nokia.com>  
> > wrote:
> >
> >> thanks, I'll add this to the reference unless anyone objects.
> >>
> >> regards, Frederick
> >>
> >> Frederick Hirsch
> >> Nokia
> >>
> >>
> >>
> >> On Jan 13, 2010, at 10:19 AM, ext Harold Lockhart wrote:
> >>
> >>> Here is a link, but you have to pay to get more than the abstract.
> >>>
> >>> http://www.springerlink.com/content/26vljj3xhc28ux5m/
> >>>
> >>> Hal
> >>>
> >>>> -----Original Message-----
> >>>> From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com]
> >>>> Sent: Tuesday, January 12, 2010 3:58 PM
> >>>> To: Harold Lockhart
> >>>> Cc: Frederick Hirsch; public-xmlsec@w3.org
> >>>> Subject: Re: Reference for SHA-1 being broken
> >>>>
> >>>>
> >>>> thanks. Is there a URL?
> >>>>
> >>>> regards, Frederick
> >>>>
> >>>> Frederick Hirsch
> >>>> Nokia
> >>>>
> >>>>
> >>>>
> >>>> On Jan 12, 2010, at 3:45 PM, ext Harold Lockhart wrote:
> >>>>
> >>>>> Well Wang's team has published a bunch of papers in 
> 2005 and their
> >>>>> initial results merely weakened SHA-1, while completely breaking
> >>>>> MD-5. However this seems to be the paper which 
> convinced everybody
> >>>>> that SHA-1 had to be phased out in fairly short order:
> >>>>>
> >>>>>
> >>>>> Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the 
> Full SHA-1.
> >>>>> In Shoup, V., editor, Advances in Cryptology - CRYPTO 2005,
> >>>>> 25th Annual International Cryptology Conference, Santa Barbara,
> >>>>> California, USA,
> >>>>> August 14-18, 2005, Proceedings, volume 3621 of LNCS, 
> pages 17-36.
> >>>>> Springer, 2005.
> >>>>>
> >>>>>
> >>>>> Hal
> >>>>>
> >>>>
> >>>>
> >>>>
> >>
> >>
> >
> 
> 
> 
>

Received on Thursday, 14 January 2010 16:39:47 UTC