| |
SHA-0 and SHA-1 should be retired |
|
|
Subject: SHA-0 and SHA-1 should be retired
Author: X509
In response to: Secure Hash Algorithm: SHA-0, SHA-1, SHA-2, SHA-3
Posted on: 07/07/2010 02:29:19 PM
SHA-1 is very similar to SHA-0, but corrects an error in the original SHA hash specification that led to significant weaknesses. The SHA-0 algorithm was not adopted by many applications.
A successful attack on SHA-1 was reported in 2005 and for this reason SHA-1 should be kicked out of govenment use. "Federal agencies should stop using SHA-1 for...applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010" -- NIST.gov
>
> On 07/07/2010 02:26:41 PM X509 wrote:
SHA stands for Secure Hash Algorithm.
SHA-0, SHA-1, and SHA-2 are currently used and well known cryptographic hash functions which are designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard (FIPS).
SHA-3 will become a FIPS standard around 2012 according to NIST.gov
References:
|
|
|
|
