[cryptography] Should Sha-1 be phased out?

Joachim Strömbergson Joachim at Strombergson.com
Tue Oct 20 04:00:50 EDT 2015


ianG wrote:
> On 15/10/2015 20:50 pm, Michael Kjörling wrote:
>> On 14 Oct 2015 13:39 -0400, from kevinsisco61784 at gmail.com (Kevin):
>>> http://www.networkworld.com/article/2990801/sha-1-hashing-algorithm-could-succumb-to-75k-attack-researchers-say.html
>> To answer the question in the subject line: SHA-1 is already being
>> phased out, particularly in areas where collision resistance matters.
> In general, yes.  Since around 2000 and the release of SHA2 family, SHA1
> has been a target for replacement for any collision weakness.

How I wish that would be the truth.

Especially in the embedded space, md5 is still very, very common even in
new designs. And SHA-1 is the new black.

A typical setup is that someone has found out that there is a secure
hash function called md5 and decided to implement it in their new
system. When told that md5 has in fact been broken for ages, the response
is usually an at-the-moment decision that it is not used for security, and
that the application doesn't really have any security implications (i.e.
that the service performed by the system has no value).

Just like the war cry "use bcrypt!" we need to shout "kill md5!" over
and over again until it reaches into the embedded dungeons.

And then SHA-1. And RC4. And DES.

With kind regards, Yours

Joachim Strömbergson - Always in harmonic oscillation.
