On Friday 08 May 2009 02:09:31 David Shaw wrote: > One fear that I've seen talked about for SHA-1 is that an attacker can > create a duplicate document such that if you signed document or key A, > they could come up with a document or key B that your signature would > equally apply to. That fear is more than a little overblown. Even > MD5 hasn't been broken to that extent.
http://eprint.iacr.org/2005/067.pdf As far as I understand this paper, MD5 has been broken to that extent. For SHA1 you're still right of course. Raimar
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
