On Monday 21 February 2005 00:18, SkyFlash wrote:
[...] Agreed to that.
> 4. If your information is worth attacking, it may be worth protecting. But, is it really? I know that I have nothing in my possession that may make someone brute-force 2^69 SHA-1 hashes to get to it. You may have something... but not everyone does.
This is true, but at the same time a very dangerous argument. The problem is that if an algorithm has such a severe weakness that cuts off that much of its strength, we really have no clue whether this attack can be expanded much further. When the Chinese scientists release more information about their attack, maybe someone else might be able to shrink SHA-1 to 2^50 or even 2^40; you just can't know, but it certainly wouldn't surprise us much. The problem is not that SHA-1 is now at 2^69; the problem is that SHA-1 does not have the security we thought it had, and we have no clue to what degree this attack might be extended. This boils the remaining security of SHA-1 down to just luck, nothing more. SHA-1 is just gone.

Malte