W3C home > Mailing lists > Public > www-xkms@w3.org > February 2005

Re: SHA-1

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Fri, 25 Feb 2005 17:30:43 +0000
Message-ID: <421F60C3.6060505@cs.tcd.ie>
To: "Www-Xkms (E-mail)" <www-xkms@w3.org>
Cc: "Hallam-Baker, Phillip" <pbaker@verisign.com>

Thanks Phill.

Folks - this closes out the action I took with no change
needed, as expected.


Hallam-Baker, Phillip wrote:

> I discussed this extensively with Kaliski, Shamir, Rivest and Bill Burr at
> RSA 2005. 
> HMAC-SHA1 is not threatened in any serious extent and there is no obvious
> replacement in any case. Burt pointed out that the criteria we use for hash
> functions are very very conservative, collisions are much easier than first
> or second pre-image. Shamir said that we should not jump to SHA-256, it has
> not been examined sufficiently, everyone else seems to concur.
> 	Phill
>>-----Original Message-----
>>From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie] 
>>Sent: Friday, February 25, 2005 6:17 AM
>>To: Hallam-Baker, Phillip
>>Subject: SHA-1
>>I took an action at the last xkms concall to check whether we 
>>think that there's any danger in our current use of HMAC-SHA1 
>>related to the recent news. Currently HMAC-SHA1 is a MUST for xkms.
>>What do you think?
Received on Friday, 25 February 2005 17:29:44 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:43 UTC