dave at cridland.net
Thu Feb 23 14:44:21 UTC 2017
On 23 February 2017 at 14:19, Peter Waher <peterwaher at hotmail.com> wrote:
> SHA-1 is used in many places throughout XMPP. Examples include
> authentication mechanisms (SCRAM-SHA-1) and entity capabilities (XEP-0115),
> for instance. Concerning the recent report about vulnerabilities found in
> SHA-1, should there be an effort to upgrade all these to SHA-256 or later?

The sky hasn't fallen quite yet. A lot of effort is needed to generate a
collision, and collisions are especially hard to do if you're after a
second preimage attack on a short input.

As far as I'm aware, this is merely a single first preimage attack -
finding two inputs which produce the same output. A second preimage attack
starts with a known, fixed, output (or an input) and attempts to find
another input that will produce it.

An attack on SCRAM, etc, would rely on a second preimage attack, as would
XEP-0115, etc. Quite honestly, SCRAM is far easier to brute-force than
generate a collision, due to the small search space used by passwords.

So summary: Yes, we do need to upgrade from SHA-1, but there's no panic,
and we can take the time to do things properly.
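
The cost gap the message describes, between finding any two inputs with the same output and matching a known, fixed output, can be measured on SHA-1 truncated to 16 bits. This is an added example, not part of the original message; the truncation width, input naming and function names are assumptions chosen so both searches finish in seconds.

```python
import hashlib
from itertools import count

BITS = 16  # assumption: truncate SHA-1 so both searches are fast


def h(data: bytes, bits: int = BITS) -> int:
    """Return the top `bits` bits of SHA-1(data) as an integer."""
    full = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return full >> (160 - bits)


def find_colliding_pair(bits: int = BITS):
    """Find ANY two distinct inputs with the same truncated digest.

    The searcher is free to pick both inputs, so the birthday bound
    applies: about 2**(bits/2) attempts are expected.
    """
    seen = {}
    for i in count():
        msg = b"c%d" % i  # constructed inputs
        d = h(msg, bits)
        if d in seen:
            return seen[d], msg, i + 1
        seen[d] = msg


def find_second_preimage(fixed: bytes, bits: int = BITS):
    """Find a different input matching the digest of a FIXED message.

    The target digest is not under the searcher's control, so about
    2**bits attempts are expected.
    """
    target = h(fixed, bits)
    for i in count():
        msg = b"p%d" % i  # constructed inputs
        if msg != fixed and h(msg, bits) == target:
            return msg, i + 1


if __name__ == "__main__":
    a, b, n_pair = find_colliding_pair()
    m, n_fixed = find_second_preimage(b"fixed input")
    print(f"colliding pair after {n_pair} tries: {a!r} {b!r}")
    print(f"match for fixed input after {n_fixed} tries: {m!r}")
    print(f"expected scale: 2^{BITS // 2} vs 2^{BITS}")
```

At full width the same scaling gives roughly 2^80 generic work for a colliding pair against 2^160 for a fixed target, which is why a demonstrated collision does not translate directly to the fixed-output case.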