tag:blogger.com,1999:blog-4503292949532760618.post7209830080251475333..comments2024-03-28T13:39:27.601-07:00Comments on DSHR's Blog: SHA1 is deadDavid.http://www.blogger.com/profile/14498131502038331594noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-4503292949532760618.post-4368009604117491772020-01-07T09:31:49.709-08:002020-01-07T09:31:49.709-08:00In PGP keys, software security, and much more thre...In <a href="https://arstechnica.com/information-technology/2020/01/pgp-keys-software-security-and-much-more-threatened-by-new-sha1-exploit/" rel="nofollow"><i>PGP keys, software security, and much more threatened by new SHA1 exploit</i></a>, Dan Goodin reports that SHA1 is now even dead-er:<br /><br />"The attack demonstrated Tuesday is the first known chosen prefix collision on SHA1. To demonstrate its potency, researchers Gaëtan Leurent and Thomas Peyrin of Inria France and the Nanyang Technological University in Singapore respectively, used the collision to perform a PGP/GnuPG impersonation attack."David.https://www.blogger.com/profile/14498131502038331594noreply@blogger.com