Especially if that "document" is a component of a ciphersuite exchange. --Dave -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of valdis.kletnieks@vt.edu Sent: Thursday, February 23, 2017 9:22 PM To: Ricky Beam <jfbeam@gmail.com> Cc: nanog@nanog.org Subject: Re: SHA1 collisions proven possisble On Thu, 23 Feb 2017 21:10:42 -0500, "Ricky Beam" said:
When you can do that in the timespan of weeks or days, get back to me. Today, it takes years to calculate a collision, and you have to start with a document specifically engineered to be modified. (such documents are easily spotted upon inspection: why does this word doc contain two documents?)
That question never arises, because this word doc contains only one document. The *OTHER* word doc also contains only one document.
You can't take any random document, modify it to say what you want, and keep the same hash. People still haven't been able to do that with MD5, and that's been "broken" for a long time.
That doesn't change the fact that if I can get you to sign a document I present to you, I can still have lots of fun at your expense.