[Standards] SHA-1 use in XMPP

Jonas Wielicki jonas at wielicki.name
Fri Jun 16 12:02:00 UTC 2017


On Freitag, 16. Juni 2017 12:25:59 CEST Dave Cridland wrote:
> Folks,
> 
> Since SHA-1 is considered on the way out, now, it'd be useful to
> catalogue where it is currently in use, what danger it poses, and what
> options we have for replacing it - both in terms of protocol
> considerations and practical concerns of deployments.
> 
> The current status of SHA-1 is essentially that is is likely to be
> crackable soon, but only in terms of a long-term effort. So a use of
> SHA-1 where the attacker would have to preimage/collide it rapidly are
> less of an issue than cases where an attacker could spend a couple of
> months over it.
> 
> As an example:
> 
> SCRAM-SHA-1 is our current MTI SASL mechanism. It is used to hash
> long-term credentials. Replacing it would rely on SASL mechanism
> agility; existing client implementations likely rely on it as the MTI
> however.

Is the collision thing an actual problem for SCRAM? (Not saying that we should 
not upgrade soon-ish, but still.)


> What else do we have?

Off the top of my head (surprise): Entity Capabilities (XEP-0115).

There are quite a few matches for sha1 in the xeps repository; didn’t Tobias 
want to make a survey of the existing XEPs?


kind regards,
Jonas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.jabber.org/pipermail/standards/attachments/20170616/04ec6a97/attachment.sig>


More information about the Standards mailing list