On Friday 08 May 2009 09:14:27 Raimar Sandner wrote: > On Friday 08 May 2009 02:09:31 David Shaw wrote: > > One fear that I've seen talked about for SHA-1 is that an attacker can > > create a duplicate document such that if you signed document or key A, > > they could come up with a document or key B that your signature would > > equally apply to. That fear is more than a little overblown. Even > > MD5 hasn't been broken to that extent. > > http://eprint.iacr.org/2005/067.pdf > > As far as I understand this paper, MD5 has been broken to that extent. For > SHA1 you're still right of course.
http://eprint.iacr.org/2009/111.pdf Sorry, this is the reference I meant... even more impressive :)
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
