Secure Hash Standard (SHS/SHA) Broken by NSA

Jim Gillogly jim at mycroft.rand.org
Fri Apr 22 16:08:19 PDT 1994



Just received a NIST Media Advisory (April 22, 1994, contact Anne Enright
Shepherd).  I'll pick out some sample sentences:

       NIST ANNOUNCES TECHNICAL CORRECTION TO SECURE HASH STANDARD
       -----------------------------------------------------------

   The National Institute of Standards and Technology today announced it
   will initiate a technical modification to a computer security standard
   used to support the authentication of electronic messages.  The
   revision will correct a minor flaw that government mathematicians
   discovered in a formula that underlies the standard.

   ... remains a highly secure way to ensure integrity of ...
   NIST expects that products implementing the current standard can be
   used until the technical correction becomes effective.

   Researchers at the National Security Agency, who developed the formula
   and discovered the flaw in a continuing evaluation process, now believe
   that although the forumla in FIPS 180 is less secure than originally
   thought, it is still extremely reliable as a technical computer
   security mechanism.  The discovery of this flaw indicates the value of
   continued research on existing and new standards.

   ...

It goes on to describe the standard in general terms and NIST's role.
There's no quantification about how badly it's broken in terms of (say)
effective number of bits of protection; seems logical that it's pretty
severe (i.e. well under 160) if it's bad enough for them to go public with
the fix.

Know any other existing or new standards that could use continued research?

	Jim Gillogly
	1 Thrimidge S.R. 1994, 23:07





