diff options
| author | Nick Mathewson <nickm@torproject.org> | 2009-05-08 12:49:15 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2009-05-08 12:52:18 -0400 |
| commit | 183b5905bb58c8ce21cc25d8c97193e699cb767a (patch) | |
| tree | cffd3442a5b230cae284596316586ca7d3d03302 | |
| parent | 7a2c8e55afc3a83969215da60e3652097b2ba44a (diff) | |
| download | tor-183b5905bb58c8ce21cc25d8c97193e699cb767a.tar.gz tor-183b5905bb58c8ce21cc25d8c97193e699cb767a.zip | |
Remove some stuff from the SHA-1 paragraph.
We don't need to explain the difference between 2nd preimage and
collision: anybody who doesn't know can use wikipedia.
| -rw-r--r-- | doc/spec/proposals/ideas/xxx-what-uses-sha1.txt | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/doc/spec/proposals/ideas/xxx-what-uses-sha1.txt b/doc/spec/proposals/ideas/xxx-what-uses-sha1.txt index 10ada5f33a..b3ca3eea5a 100644 --- a/doc/spec/proposals/ideas/xxx-what-uses-sha1.txt +++ b/doc/spec/proposals/ideas/xxx-what-uses-sha1.txt @@ -75,18 +75,14 @@ Triage SHA-1 usage that depends on collision resistance and doesn't need the attacker to have any special keys. - There is no need to put much effort into fixing PREIMAGE and - SECOND PREIMAGE usages in the near-term: while SHA-1 is - theoretically broken with regards to those attacks, no practical - attack has been published as far as we know. The difference - between finding any collisions and finding a second preimage is - like the difference between finding any two people with the same - birthday and finding someone with the same birthday as you - personally. To fix COLLISION<code-signing> usages is not too - important either, since anyone who has the key to sign the code - can mount far worse attacks. It would be good to fix - COLLISION<authority> usages, since we try to resist bad authorities - to a limited extent. The COLLISION usages are the most important + There is no need to put much effort into fixing PREIMAGE and SECOND + PREIMAGE usages in the near-term: while there have been some + theoretical results doing these attacks against SHA-1, they don't + seem to be close to practical yet. To fix COLLISION<code-signing> + usages is not too important either, since anyone who has the key to + sign the code can mount far worse attacks. It would be good to fix + COLLISION<authority> usages, since we try to resist bad authorities + to a limited extent. The COLLISION usages are the most important to fix. Kelsey and Schneier published a theoretical second preimage attack |