PHPDeveloper: PHP News, Views and Community

Subscribe

@phpdeveloper.org

News Archive

Community News: Latest PECL Releases (06.17.2025)

Community News: Latest PECL Releases (06.10.2025)

Community News: Latest PECL Releases (06.03.2025)

Community News: Latest PECL Releases (05.27.2025)

Community News: Latest PEAR Releases (05.26.2025)

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.06.2025)

Community News: Latest PECL Releases (04.29.2025)

Community News: Latest PECL Releases (04.22.2025)

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Chris Shiflett's Weblog:
SHA-1 Broken

byChris Cornutt Feb 16, 2005 @ 13:23:40

Chris Shiflett has a quick note today that might concern those out there using the SHA-1 encryption in their applications:

I just read on Bruce Schneier's blog that SHA-1 has been broken. Bruce states:

SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing.

He continues: This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result. It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn't affect applications such as HMAC where collisions aren't important).

This is a big deal.

Agreed - SHA-1 is used all over the place, and if there is even a shadow of a doubt of its security, that can cause major issues all around the 'net.

tagged:

Link: