Is the reason that collision attacks on hash functions rarely get extended to preimage attacks: (a) preimage attacks are much more difficult? (b) Or once collision attacks are shown, the hash is retired, so researchers have no incentive to extend the attack? @zooko
-
-
sha-1 stopped being used for a bunch of things after collisions, md5 was retired after TLS certs were forged with a collision attack, any SHA-3 candidate that was shown to have collisions was no longer in the running
-
SHA-1 is still very widely used. MD5 (single round, no salt) is still often used for storing passwords...
-
That's a fair point. Talking from the perspective of someone who considered writing a paper exploiting md5 weaknesses, the sense that I got was that no one would care. I wrote another paper instead.
-
For papers, nobody cares unless it's new and shiny. Meanwhile real-world attackers are enjoying decades-old vulnerabilities and weaknesses while researchers play with shiny new toys.
-
How would you fix that? Should people write papers like "unsalted md5 is still a bad idea"? I doubt the people making these mistakes follow research.
-
No, but expanding the knowledge of ways to attack md5 is still worthy of papers, I think. Surveys of the prevalence of outdated hashes in incidents would also be, I think.
-
Hard agree!
