author | Nick Mathewson <nickm@torproject.org> | 2009-05-08 12:49:15 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2009-05-08 12:52:18 -0400 |
commit | 65bc78aa26995e3404ef469a677416877d4af77a (patch) | |
tree | 8abd5128610cf6626d022db670f4039c32fb68f1 /proposals/ideas | |
parent | 0fbb2f108956dd558f13c08a7dde0aff98cfbf34 (diff) | |
Remove some stuff from the SHA-1 paragraph.
We don't need to explain the difference between 2nd preimage and
collision: anybody who doesn't know can use wikipedia.
Diffstat (limited to 'proposals/ideas')
-rw-r--r-- | proposals/ideas/xxx-what-uses-sha1.txt | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/proposals/ideas/xxx-what-uses-sha1.txt b/proposals/ideas/xxx-what-uses-sha1.txt index 10ada5f..b3ca3ee 100644 --- a/proposals/ideas/xxx-what-uses-sha1.txt +++ b/proposals/ideas/xxx-what-uses-sha1.txt @@ -75,18 +75,14 @@ Triage SHA-1 usage that depends on collision resistance and doesn't need the attacker to have any special keys. - There is no need to put much effort into fixing PREIMAGE and - SECOND PREIMAGE usages in the near-term: while SHA-1 is - theoretically broken with regards to those attacks, no practical - attack has been published as far as we know. The difference - between finding any collisions and finding a second preimage is - like the difference between finding any two people with the same - birthday and finding someone with the same birthday as you - personally. To fix COLLISION<code-signing> usages is not too - important either, since anyone who has the key to sign the code - can mount far worse attacks. It would be good to fix - COLLISION<authority> usages, since we try to resist bad authorities - to a limited extent. The COLLISION usages are the most important + There is no need to put much effort into fixing PREIMAGE and SECOND + PREIMAGE usages in the near-term: while there have been some + theoretical results doing these attacks against SHA-1, they don't + seem to be close to practical yet. To fix COLLISION<code-signing> + usages is not too important either, since anyone who has the key to + sign the code can mount far worse attacks. It would be good to fix + COLLISION<authority> usages, since we try to resist bad authorities + to a limited extent. The COLLISION usages are the most important to fix. Kelsey and Schneier published a theoretical second preimage attack |
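Review bot: The new sentence "there have been some theoretical results doing these attacks against SHA-1" claims results for both PREIMAGE and SECOND PREIMAGE, but the only reference visible in the trailing context is Kelsey and Schneier's second preimage attack. Either narrow the sentence to second preimage or point to the preimage result it relies on, and reword "results doing these attacks" to something like "theoretical results on these attacks". Now that the birthday analogy is gone, the closing "The COLLISION usages are the most important to fix" also sits directly after COLLISION<code-signing> ("not too important") and COLLISION<authority>, so it reads as if it contradicts them. Say "plain COLLISION usages" or restate the definition from the context above (depends on collision resistance, attacker needs no special keys) so the triage order is unambiguous.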