[Standards] SHA-1 use in XMPP

Evgeny Khramtsov xramtsov at gmail.com
Thu Jun 22 15:20:06 UTC 2017


Fri, 16 Jun 2017 13:33:55 +0100
Dave Cridland <dave at cridland.net> wrote:

> On 16 June 2017 at 13:02, Jonas Wielicki <jonas at wielicki.name> wrote:
> > Is the collision thing an actual problem for SCRAM? (Not saying
> > that we should not upgrade soon-ish, but still.)
> >  
> 
> Assuming that one could extract the SCRAM hashes while they're still
> valid, yes. XMPP lacks a way to require a password change (though I
> intend getting that into SASL2), so there's not much mitigation here.

How that? You need a preimage attack which doesn't exist even for MD5
(ok, there exist some attacks, but not much better than brute force).


More information about the Standards mailing list