SHA1 collisions proven possisble

valdis.kletnieks at valdis.kletnieks at
Fri Feb 24 02:22:21 UTC 2017

On Thu, 23 Feb 2017 21:10:42 -0500, "Ricky Beam" said:

> When you can do that in the timespan of weeks or days, get back to me.
> Today, it takes years to calculate a collision, and you have to start with
> a document specifically engineered to be modified. (such documents are
> easily spotted upon inspection: why does this word doc contain two
> documents?)

That question never arises, because this word doc contains only one document.

The *OTHER* word doc also contains only one document.

> You can't take any random document, modify it to say what you
> want, and keep the same hash. People still haven't been able to do that
> with MD5, and that's been "broken" for a long time.

That doesn't change the fact that if I can get you to sign a document I
present to you, I can still have lots of fun at your expense.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list