Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎01-09-2020 09:15 PM
‎01-09-2020 09:15 PM

SHA-1 Practical Attack

SHA-1, are you kidding me? Nobody uses that! Guess again my friend. Although it has been slowly phased out over the past five years, it remains far from being fully deprecated. It's still the default hash function for certifying PGP keys in the legacy 1.4 version branch of GnuPG, the open-source successor to PGP application for encrypting email and files. Those SHA1-generated signatures were accepted by the modern GnuPG branch until recently, and were only rejected after the researchers behind the new "chosen-prefix" collision attack privately reported their results. Here is a link to the academic paper "SHA-1 is a Shambles".

Reply
0 Kudos
0 Replies