[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SHA1 collisions proven possisble

Subject: SHA1 collisions proven possisble
From: jlewis at lewis.org (Jon Lewis)
Date: Mon, 27 Feb 2017 07:23:43 -0500 (EST)
In-reply-to: <[email protected]>
References: <[email protected]>

On Sun, 26 Feb 2017, Keith Medcalf wrote:

> So you would need 6000 years of computer time to compute the collision 
> on the SHA1 signature, and how much additional time to compute the 
> trapdoor (private) key, in order for the cert to be of any use?

1) Wasn't the 6000 years estimate from an article >10 years ago? 
Computers have gotten a bit faster.

2) I suspect the sort of person interested in doing this, unburdened by 
ethics, would have no issues using a large botnet to speed up the process. 
How long does it take if you have a million PCs working on the problem?

----------------------------------------------------------------------
  Jon Lewis, MCP :)           |  I route
                              |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

Follow-Ups:
- SHA1 collisions proven possisble
  - From: valdis.kletnieks at vt.edu (valdis.kletnieks at vt.edu)

References:
- SHA1 collisions proven possisble
  - From: kmedcalf at dessus.com (Keith Medcalf)

Prev by Date: SHA1 collisions proven possisble
Next by Date: SHA1 collisions proven possisble
Previous by thread: SHA1 collisions proven possisble
Next by thread: SHA1 collisions proven possisble
Index(es):
- Date
- Thread