David Benjamin writes:
>It meant bugs like OpenSSL's get papered over with SHA-1
That affects a whole lot more than just OpenSSL, a bit like ECDSA means P256
so hash means SHA-1. Try switching to SHA-2 (in non-TLS usage) and you'll
find all the implementations that simply default to SHA-1, or,
On Tuesday, 7 May 2019 01:57:30 CEST Martin Rex wrote:
> Hubert Kario wrote:
> > On Friday, 3 May 2019 16:56:54 CEST Martin Rex wrote:
> >> Hubert Kario wrote:
> >> > We've been over this Martin, the theoretical research shows that for
> >> > Merkle- Damgård functions, combining them doesn't incr
Hubert Kario wrote:
>>
>> Thanks to Peter Gutmann for the summary:
>>
>> https://mailarchive.ietf.org/arch/msg/tls/g0MDCdZcHsvZefv4V8fssXMeEHs
>>
>> which you may have missed.
>
> yes, Joux paper also shows that attacking MD5||SHA1 is harder than attacking
> SHA1 alone
>
> but that does
