SHA1 collisions proven possisble

• Previous message (by thread): SHA1 collisions proven possisble
• Next message (by thread): SHA1 collisions proven possisble
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 23 Feb 2017 17:40:42 -0500, "Ricky Beam" said:

> cost! However this in no way invalidates SHA-1 or documents signed by
> SHA-1.

We negotiate a contract with terms favorable to you.  You sign it (or more
correctly, sign the SHA-1 hash of the document).

I then take your signed copy, take out the contract, splice in a different
version with terms favorable to me.  Since the hash didn't change, your
signature on the second document remains valid.

I present it in court, and the judge says "you signed it, you're stuck with
the terms you signed".

I think that would count as "invalidates documents signed by SHA-1", don't you?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20170223/df3b68b4/attachment.sig>

• Previous message (by thread): SHA1 collisions proven possisble
• Next message (by thread): SHA1 collisions proven possisble
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]