[Standards] SHA-1 use in XMPP

Peter Saint-Andre stpeter at stpeter.im
Fri Jun 16 12:47:24 UTC 2017


On 6/16/17 5:25 AM, Dave Cridland wrote:
> Folks,
> 
> Since SHA-1 is considered on the way out, now, it'd be useful to
> catalogue where it is currently in use, what danger it poses, and what
> options we have for replacing it - both in terms of protocol
> considerations and practical concerns of deployments.
> 
> The current status of SHA-1 is essentially that is is likely to be
> crackable soon, but only in terms of a long-term effort. So a use of
> SHA-1 where the attacker would have to preimage/collide it rapidly are
> less of an issue than cases where an attacker could spend a couple of
> months over it.
> 
> As an example:
> 
> SCRAM-SHA-1 is our current MTI SASL mechanism. It is used to hash
> long-term credentials. Replacing it would rely on SASL mechanism
> agility; existing client implementations likely rely on it as the MTI
> however.
> 
> What else do we have?

These uses are catalogued in XEP-0300, no? If that's not complete, let's
make it so.

Peter




More information about the Standards mailing list