SHA1 collisions proven possisble

valdis.kletnieks at valdis.kletnieks at
Mon Feb 27 13:39:34 UTC 2017

On Mon, 27 Feb 2017 07:23:43 -0500, Jon Lewis said:
> On Sun, 26 Feb 2017, Keith Medcalf wrote:
> > So you would need 6000 years of computer time to compute the collision
> > on the SHA1 signature, and how much additional time to compute the
> > trapdoor (private) key, in order for the cert to be of any use?
> 1) Wasn't the 6000 years estimate from an article >10 years ago?
> Computers have gotten a bit faster.

No, Google's announcement last week said their POC took 6500 CPU-years
for the first phase and 110 GPU-accelerated for the second phase.

You are totally on target on your second point.  A million node botnet
reduces it to right around 60 hours.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list