From: | R0b0t1 <r030t1@×××××.com> | ||
---|---|---|---|
To: | "gentoo-user@l.g.o" <gentoo-user@l.g.o> | ||
Subject: | Re: [gentoo-user] SHA-1 has just been broken | ||
Date: | Sun, 26 Feb 2017 03:35:11 | ||
Message-Id: | CAAD4mYiurZZy=4GUYpsMZK6nTNYedwoxRrHXuUyZM7cU4vwgOg@mail.gmail.com | ||
In Reply to: | [gentoo-user] SHA-1 has just been broken by Miroslav Rovis |
1 | On Saturday, February 25, 2017, Miroslav Rovis <miro.rovis@××××××××××××××.hr> |
2 | wrote: |
3 | > |
4 | https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html |
5 | > |
6 | > -- |
7 | > Miroslav Rovis |
8 | > Zagreb, Croatia |
9 | > http://www.CroatiaFidelis.hr |
10 | > |
11 | |
12 | Very interesting. The first useful SHA-1 collision was, if I remember, done |
13 | in 2015, and subverted an HTTPS certificate (though not one which had been |
14 | issued). This was some guys with a couple of servers lined with graphics |
15 | cards. |
16 | |
17 | Seeing someone manage to do it in a garage a number of years before it was |
18 | cosidered feasible should, hopefully, make you have more conservative |
19 | estimates of the strength of modern cryptography. |
20 | |
21 | Aside: |
22 | http://ecrypt-eu.blogspot.com/2015/11/break-dozen-secret-keys-get-million.html |
23 | |
24 | R0b0t1. |
Subject | Author |
---|---|
Re: [gentoo-user] SHA-1 has just been broken | Miroslav Rovis <miro.rovis@××××××××××××××.hr> |