On Feb 24, 2017, at 12:04 PM, Vincent Bernat <ber...@luffy.cx> wrote: > ❦ 23 février 2017 21:16 -0500, "Patrick W. Gilmore" <patr...@ianai.net> : > >> A couple things will make this slightly less useful for the attacker: >> 1) How many people are not going to keep a copy? Once both docs are be >> found to have the same hash, well, game over. > > But if a transaction is automated, it may be too late. For example, if > the document is a bank transfer slip.
If I can control the bank side of presenting an automated transfer slip, I really don’t need to worry about SHA-1 collisions. I already have all your money. -- TTFN, patrick
