SHA1 collisions proven possisble

valdis.kletnieks at valdis.kletnieks at
Thu Feb 23 20:57:35 UTC 2017

On Thu, 23 Feb 2017 15:03:34 -0500, "Patrick W. Gilmore" said:

> For instance, someone cannot take Verisign’s root cert and create a cert
> which collides on SHA-1. Or at least we do not think they can. We’ll know in 90
> days when Google releases the code.

>From the announce:

"It is now practically possible to craft two colliding PDF files and obtain a
SHA-1 digital signature on the first PDF file which can also be abused as a
valid signature on the second PDF file."

So they're able to craft two objects that collide to the same unpredictable
hash, but *not* produce an object that collides to a pre-specified hash.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list