Reply to post: Not existence but feasible to find collisions

Dealing with legacy issues around Red Hat crypto versions? Here's a fix


Not existence but feasible to find collisions

>You can no longer use the hash value for identification/integrity purposes once collisions are known to happen<

The algorithm is considered broken if it becomes feasible to find those collisions - not when collisions are known to happen

For SHA-1 there are known attacks that take less effort than brute forcing it thus it is considered broken.

If the number of possible different inputs to an hash algorithm is bigger than the number of different hash values collisions are known (even guaranteed) to exist.

As long as it is difficult to find any collisions the hash algorithm is still fine.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon