Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RES: sha-1 cryptography

from [Rodrigo Fernandez] Network Security [Permanent Link]
Subject: RES: sha-1 cryptography
Date: Thu, 22 Dec 2005 17:48:01 -0200 
Hi,

This are my 2cents, correct me if I'm wrong, please...

SHA-1 is not a criptographic algorithm, it's a hash algorithm, and it is known 
that SHA-1 just as all others SHA algorithms have a finite number os 
possibilities for a hash code. It means that two objects could generate the 
same hash code.

The person who "broke" it, simply found two completely different objects with 
the same hash. Nowadays, there are stronger SHA's algorithms, such as SHA-512, 
with 512 bits combination, which is much more difficult to find hash in common. 
Remeber, they're still finite...

I could not tell you the opinion of specialysts, but I can sure tell you that 
you should always use the harder algorithm you can!


[]s





-----Mensagem original-----
De: Enquiries [mailto:enquiries@globalart4u.com]
Enviada em: terça-feira, 20 de dezembro de 2005 16:37
Para: Security-Basics (E-mail)
Assunto: sha-1 cryptography


Dear All

I understand that SHa-1 cryptography has been broken by the same person who
broke MD5, xiaoyun Wang.  So what does that mean for password security and
credit card transactions etc.  Does that mean we will need to look for other
stronger cryptography solutions and if yes what do you recommend, especially
for passwords?

thanks

Tallat


www.macklamm.com - moving to brussels? looking for accommodation?
www.globalart4u.com - art and crafts - give the gift of originality
www.macklamm.org - latest list of vat exempt gold coins for investment now
available

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.1/207 - Release Date: 19/12/05



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------
*******************************************************************************************
Atenção: Esta mensagem foi enviada para uso exclusivo do(s) destinatários(s) 
acima 
identificado(s), podendo conter informações e/ou documentos 
confidencias/privilegiados e seu sigilo é protegido por lei.
Caso você tenha recebido por engano, por favor, informe o remetente e apague-a 
de 
seu sistema.
Notificamos que é proibido por lei a sua retenção, disseminação, distribuição, 
cópia ou 
uso sem expressa autorização do remetente.
Opiniões pessoais do remetente não refletem, necessariamente, o ponto de vista 
da 
CETIP, o qual é divulgado somente por pessoas autorizadas.
 
 
Attention: This message was sent for exclusive use of the addressees above 
identified, being able to contain information and or privileged/confidential 
documents 
and law protects its secrecies.
In case that you it has received for deceit, please, it informs the shipper and 
erases it 
of your system. 
We notify that law forbids its retention, dissemination, distribution, copy or 
use without 
express authorization. 
Personal opinions of the shipper do not reflect, necessarily, the point of view 
of the 
CETIP, which is only divulged by authorized people.
*******************************************************************************************


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Cracking simple password encryption, David Hogue
Next by Date:  RE: DHCP Appliance based on MAC Authentication, Conlan Adams
Previous by Thread:  SF new column announcement: Tracked by cellphone, Kelly Martin
Next by Thread:  Re: sha-1 cryptography, Saqib Ali
Indexes:  [Date] [Thread] [Top] [All Lists]