On Thu, 26 Jan 2017 10:56, pe...@digitalbrains.com said: > second-preimage attack. The problems with SHA-1 are with collision > resistance, not preimage attacks.
Correct, but we should also mention that even collissions are not yet a current problem - but one we definitely want to be prepared for. The whole fuzz about replacing SHA-1 from https (I write https and not TLS for a reason) may help to learn about algorithm replacement procedures for the future. Replacing SHA-1 in X.509 certificates, as used for the Web, will not magically make the Web in any way more secure. The problems with the Web infrastructure are not due to SHA-1 or even RSA-1024; Shamir's old rule still holds: "Crypto will not be broken, it will by bypassed". Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgpefP443XLqr.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users