« XSL XML | Main | 新年新系统与绿色软件 »
February 16, 2005
今天两条消息 SHA-1 broken 和 RHEL 4
|
版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本声明。 https://windtear.net/archives/2005/02/16/000577.html http://windtear.net/archives/2005/02/16/000577.html 1. http://www.schneier.com/blog/archives/2005/02/sha1_broken.html February 15, 2005SHA-1 BrokenSHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing. The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper announcing their results:
This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result. It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn't affect applications such as HMAC where collisions aren't important). The paper isn't generally available yet. At this point I can't tell if the attack is real, but the paper looks good and this is a reputable research team. More details when I have them. Posted on February 15, 2005 at 07:15 PM 2. http://www.redhat.com/magazine/004feb05/features/enterprise/ http://www.redhat.com/software/rhel/features/ 采用 2.6 的内核 lvm 升级 SELinux 安全增强 策略控制 udev 桌面使用加入firefox 升级evolution到2.0 IIIMF 输入法框架 -----> 2004-09-05 22:29 我爱网络 hao123 的成功与 MD5 碰撞 2004-08-20 19:07 我爱网络 MD5 SHA-0 双双被攻破 安全界一片血雨腥风 hao123 的成功与 MD5 碰撞 MD5 SHA-0 双双被攻破 安全界一片血雨腥风 |
Posted by windtear at February 16, 2005 7:39 PM
