Secure Hash Standard (SHS/SHA) Broken by NSA
Lance Cottrell
lcottrell at popmail.ucsd.edu
Sat Apr 23 02:22:00 PDT 1994
Jim Gillogly says:
> NIST ANNOUNCES TECHNICAL CORRECTION TO SECURE HASH STANDARD
> -----------------------------------------------------------
>
> The National Institute of Standards and Technology today announced it
> will initiate a technical modification to a computer security standard
> used to support the authentication of electronic messages. The
> revision will correct a minor flaw that government mathematicians
> discovered in a formula that underlies the standard.
>
> ... remains a highly secure way to ensure integrity of ...
> NIST expects that products implementing the current standard can be
> used until the technical correction becomes effective.
>
> Researchers at the National Security Agency, who developed the formula
> and discovered the flaw in a continuing evaluation process, now believe
> that although the formula in FIPS 180 is less secure than originally
> thought, it is still extremely reliable as a technical computer
> security mechanism. The discovery of this flaw indicates the value of
> continued research on existing and new standards.
So, have they mentioned what the problem was, or how to fix it?
--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.3 key available by finger or server.
"Love is a snowmobile racing across the tundra. Suddenly
it flips over, pinning you underneath. At night the ice
weasels come."
--Nietzsche