SHA-1 - fail.

As some people have been saying for a while now, SHA-1 has reached it's end of life.

Summary of the paper: SHA-1 collisions now 2^52 (pdf) by Cameron McDonald, Philip Hawkes and Josef Pieprzyk, Macquarie University and Qualcomm, Australia.

More details about how Debian and openpgp are moving away from SHA-1.

So if you're still using SHA-1 (or md5!) time to move onto the next one... SHA-2.

Comments

Popular posts from this blog

Draft 3 of, ^Let's write a unit test!^

Is PostgreSQL good enough?

post modern C tooling - draft 6