On Thu, 26 Jan 2017 10:56, pe...@digitalbrains.com said:

> second-preimage attack. The problems with SHA-1 are with collision
> resistance, not preimage attacks.

Correct, but we should also mention that even collissions are not yet a
current problem - but one we definitely want to be prepared for.

The whole fuzz about replacing SHA-1 from https (I write https and not
TLS for a reason) may help to learn about algorithm replacement
procedures for the future.  Replacing SHA-1 in X.509 certificates, as
used for the Web, will not magically make the Web in any way more
secure.  The problems with the Web infrastructure are not due to SHA-1
or even RSA-1024; Shamir's old rule still holds: "Crypto will not be
broken, it will by bypassed".


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Attachment: pgpefP443XLqr.pgp
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to