RIP SHA-1

Bruce Schneier writes "SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing.".


Previous rumors about SHA problems this past August were less critical, there were also reports of hash collisions in MD4, MD5, HAVAL-128 and RIPEMD in August; this new paper seems to be from some of the same researchers.


Time to move everything into RIPEMD-160?

New CryptoGram today

Bruce Schneier's Cryptogram is updated on the 15th of the month.

Lately all he ever seems to write about is airport security, seems to lack the insight displayed in previous issues.