SHA-1 Broken
Nanolith writes "From Bruce Schneier's weblog: 'SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing. The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper announcing their results...'" Note, though, that Schneier also writes "The paper isn't generally available yet. At this point I can't tell if the attack is real, but the paper looks good and this is a reputable research team."
And I just got done upgrading from MD5.
A lot of companies and products use SHA1 in some form or another. Does this mean that we can arrest and imprison these "researchers" if they ever step foot in America?
Time to change the VPN policies
... to SHA-2!
If you don't switch to the newest, latest hashing algorithm, you will die horribly when your corrupted emacs RPM performs malicious code!!! Everyone, delete everything and log off of the Internets now!!! We're all gonna die!!! HELP!!!
"Anyone who attempts to generate random numbers by deterministic means is living in a state of sin." -- John von Neumann
Bruce sits at his desk, reading over the encrypted e-mail sent to him about breaking SHA-1, when a loud scream echoes from his office
I JUST SENT OUT MY NEWSLETTER THIS MORNING!
Slackware, what else when it must be secure, stable, and easy?
thank god ROT-13 will never be cracked.
I noticed using ROT-2 gave what looked like a kinda-close decryption of ROT-13. So I started trying ROT-3, then ROT-4, I got as far as ROT-12 before I got bored and gave up, but it was showing great promise!
Education is a better safeguard of liberty than a standing army.
Edward Everett (1794 - 1865)
That's nothing. ROT-26 offers the best encryption as of yet!
I can't read your post, it seems to be encrypted in that new ROT-26 scheme.
Video Production Support
What someone really ought to do is use ROT-7.5 twice to decrypt ROT-13.
Si la vida me da palo, yo la voy a soportar Si la vida me da palo, yo la voy a espabilar
I think ROT-65536 would work even better, especially for Unicode.
Beware: In C++, your friends can see your privates!
That is nothing. This post has been encrypted with an unbreakable one-time-pad! TWICE!
I hope they get it fixed soon.
At least they gave the algorithm. If their synopsis is indicative of the paper, they illustrate that SHA-1 has collisions, and collisions can be discovered through the awesomely sophisticated technique of brute force. Pardon me while I dust off my bomb shelter.
Let's wait for the actual paper. If it takes more CPU power to force a collision within a year than the whole of what IBM sells in that year, I think that the hash is doing its job...
I am no longer wasting my time with slashdot