A Competition To Replace SHA-1

SHA who? writes "In light of recent attacks on SHA-1, NIST is preparing for a competition to augment and revise the current Secure Hash Standard. The public competition will be run much like the development process for the Advance Encryption Standard, and is expected to take 3 years. As a first step, NIST is publishing draft minimum acceptability requirements, submission requirements, and evaluation criteria for candidate algorithms, and requests public comment by April 27, 2007. NIST has ordered Federal agencies to stop using SHA-1 and instead to use the SHA-2 family of hash functions."

Re:Generic hashing is impractical

[LiquidCoooled]

The whole point of the fucking article is that some researcher found a method that was 2000 times less work to find a collision in SHA-1, hence making it feasible to do.
If that had not been done then I would agree with you and we wouldn't even be having this discussion.

Recent years have seen a stream of ever-more-refined attacks on MD5 and SHA-1--including, notably, Wang's team's results on SHA-1, which permit finding collisions in SHA-1 about 2,000 times more quickly than brute-force guessing. Wang's technique makes attacking SHA-1 efficient enough to be feasible.

I was simply considering an alternative method which was content specific hence making it impractical to extend a document to insert extra data and get a match.

Re:Schneier Proposed this in 2005

[trifish]

Meta-mods will take care of you, don't worry, "moderator".

Feel free to discredit yourself as a moderator by modding me down. I've got PLENTY of karma to burn. :-)