On Saturday, February 25, 2017, Miroslav Rovis <miro.ro...@croatiafidelis.hr> wrote: > https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html > > -- > Miroslav Rovis > Zagreb, Croatia > http://www.CroatiaFidelis.hr >
Very interesting. The first useful SHA-1 collision was, if I remember, done in 2015, and subverted an HTTPS certificate (though not one which had been issued). This was some guys with a couple of servers lined with graphics cards. Seeing someone manage to do it in a garage a number of years before it was cosidered feasible should, hopefully, make you have more conservative estimates of the strength of modern cryptography. Aside: http://ecrypt-eu.blogspot.com/2015/11/break-dozen-secret-keys-get-million.html R0b0t1.
