Jump to navigation

Poupou's Corner of the Web

Looking for perfect security? Try a wireless brick.
Otherwise you may find some unperfect stuff here...

Weblog

Another one bites the dust

After MD5 last year, it's SHA-1 turn to disappoint us. SHA-1 isn't as good as expected - at 2^69 it's a long way from the advertised 2^80. I guess it's time to review your usage (direct or indirect) of the algorithm.

We're facing an endangered spece when individuals from a spece dies faster than they reproduce. We're sure facing this problem today with hash algorithms. Another analogy is the poor genetic pool, the fact that the SHA-2 family is related to SHA-1. So it's not clear (at least now) how much of the problem the SHA-2 algorithms (SHA-256/224 and SHA-512/384) have inherited.

Not much I can do myself for this problem :-(. Let's hope this news will encourage more people to look for new alternatives...

In the not much category I reopened the SHA-224 support suggestion for framework 2.0 at Microsoft. Please take a few seconds to vote for it. On the bright side support for SHA-224 is already available in Mono.Security.dll (for both Mono and MS runtime users). I'll also update Monodoc with the appropriate warnings...

Addendum: Thanks to the jackson specy for correcting my english ;-)


2/16/2005 12:13:17 | Comments

The views expressed on this website/weblog are mine alone and do not necessarily reflect the views of my employer.