- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Fri, 25 Feb 2005 17:30:43 +0000
- To: "Www-Xkms (E-mail)" <www-xkms@w3.org>
- Cc: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Thanks Phill. Folks - this closes out the action I took with no change needed, as expected. Stephen. Hallam-Baker, Phillip wrote: > I discussed this extensively with Kaliski, Shamir, Rivest and Bill Burr at > RSA 2005. > > HMAC-SHA1 is not threatened in any serious extent and there is no obvious > replacement in any case. Burt pointed out that the criteria we use for hash > functions are very very conservative, collisions are much easier than first > or second pre-image. Shamir said that we should not jump to SHA-256, it has > not been examined sufficiently, everyone else seems to concur. > > Phill > > >>-----Original Message----- >>From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie] >>Sent: Friday, February 25, 2005 6:17 AM >>To: Hallam-Baker, Phillip >>Subject: SHA-1 >> >> >> >>Phill, >> >>I took an action at the last xkms concall to check whether we >>think that there's any danger in our current use of HMAC-SHA1 >>related to the recent news. Currently HMAC-SHA1 is a MUST for xkms. >> >>What do you think? >> >>Stephen. >> >> > >
Received on Friday, 25 February 2005 17:29:44 UTC