SHA-1 collision attacks are now actually practical and a looming danger

Discussion in 'Serious Discussion' started by Mr.X, May 13, 2019.

  1. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    6,304
    13,994
    210
    Research duo showcases first-ever SHA-1 chosen-prefix collision attack.

    https://www.zdnet.com/article/sha-1...-now-actually-practical-and-a-looming-danger/
    Research paper (PDF): https://eprint.iacr.org/2019/459.pdf

     
  2. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    6,304
    13,994
    210
    BLAKE2 — fast secure hashing

    BLAKE2 comes in two flavors:
    • BLAKE2b (or just BLAKE2) is optimized for 64-bit platforms—including NEON-enabled ARMs—and produces digests of any size between 1 and 64 bytes
    • BLAKE2s is optimized for 8- to 32-bit platforms and produces digests of any size between 1 and 32 bytes

    Which one or both to adopt here in MDL as a default checksum?
     
  3. LostED

    LostED SVF Patch Lover

    Jul 30, 2009
    5,269
    12,980
    180
    till HashCheck get BLAKE2 i stay on SHA2/SHA3
     
  4. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    2,906
    2,534
    90
    I'm using SHA512 with HashCheck. Hashtab has BLAKE2sp.
     
  5. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    6,304
    13,994
    210
  6. LostED

    LostED SVF Patch Lover

    Jul 30, 2009
    5,269
    12,980
    180
    @Mr.X

    yes
    i just like the output checksums format