[tahoe-dev] SHA-1 broken!
David-Sarah Hopwood
david-sarah at jacaranda.org
Wed Apr 29 15:56:34 PDT 2009
Zooko O'Whielacronx wrote:
> The people who are suffering from the
> collisions in MD5 and SHA-1 are suffering, not because MD5 or SHA-1
> were suddenly revealed to be insecure, but because they ignored the
> warning messages from cryptographers for many years. (I'm a tad
> irritated about this, since "I tried to tell them" [5] and "They
> wouldn't listen!" [6].)
This is why no attention should be paid to non-cryptographers attempting
to pour scorn on the feasibility of attacks (as in the case of [6]),
even, and perhaps especially, when said non-cryptographers are widely
respected for other reasons.
(The same point applies to other fields of similar complexity and
subtlety to cryptography.)
> [5] http://www.gelato.unsw.edu.au/archives/git/0506/5273.html
> [6] http://www.gelato.unsw.edu.au/archives/git/0506/5299.html
--
David-Sarah Hopwood ⚥
More information about the tahoe-dev
mailing list