SHA1 collisions proven possisble
valdis.kletnieks at vt.edu
valdis.kletnieks at vt.edu
Thu Feb 23 23:21:19 UTC 2017
On Thu, 23 Feb 2017 17:40:42 -0500, "Ricky Beam" said:
> cost! However this in no way invalidates SHA-1 or documents signed by
> SHA-1.
We negotiate a contract with terms favorable to you. You sign it (or more
correctly, sign the SHA-1 hash of the document).
I then take your signed copy, take out the contract, splice in a different
version with terms favorable to me. Since the hash didn't change, your
signature on the second document remains valid.
I present it in court, and the judge says "you signed it, you're stuck with
the terms you signed".
I think that would count as "invalidates documents signed by SHA-1", don't you?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20170223/df3b68b4/attachment.sig>
More information about the NANOG
mailing list