Re: Archive no longer accepts uploads signed using SHA-1 or RIPE-MD/160
Wouter Verhelst <wouter@debian.org> writes:
> Uhh? AFAIK, RIPEMD160 is not compromised at all, not even in a
> theoretical attack. Why was this part of the decision taken?
> (there is a theoretical attack against RIPEMD, but that is not the same
> thing as RIPEMD160)
Crypto folks have been dubious about RIPEMD160 for a while for new
applications, just because it's pretty old and doesn't have some of the
nice properties of modern hashes. It's more proactive than SHA-1 to drop
it, but I support dropping it just as a precautionary measure. There
isn't a good reason to keep using it so far as I know.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: