Bruce Schneier has a little writeup on this on his blog. This is so huge I can hardly believe it. This will have wide ranging implications for the entire cryptographic community. Every cryptographic application that I have ever written has used SHA-1 in some way, mainly for digital signatures. Heres to hoping that someone will come up with an algorithm that replaces it.
I wonder if in the mean time we will rely on a length based version of the SHA algorithm… say, for data sizes under 1Megabye we use SHA-1, 1Meg - 64Meg SHA-256, etc… I do not know what would be appropriate ranges, but amybe that will work for small to medium amounts of data .
Post a Comment