On 6/27/2012 10:24 AM, Daniel Kahn Gillmor wrote: > For the key's fingerprint specifically, a pre-image (where the attacker > crafts a new text that shares a digest with the victim's key material) > is the thing to worry about, not a crafted collision (where the attacker > generates two texts that share a digest).
Yes. And this is exactly what I heard in 2005 from people who were dismissing the MD5 collision attacks as, "well, you know, they're not preimages." It didn't take long to go from that to full-on attacks on MD5. I expect the same will occur here. > My read of [1] is that the attack is a collision technique, not a > pre-image technique, which would imply that "eventually" is still > actually a little ways off for fingerprints at least. If by "a little ways off" you mean anywhere between six months to a few years, then yes, that's reasonable. I don't expect SHA-1 to fall over dead this afternoon, but the chaplain's been summoned to its room to deliver the Last Rites. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
