Update to reflect that SHA-1 has now been broken.
Submitted by: ak MFC after: 1 week
This commit is contained in:
parent
076ad2f836
commit
c74cccf0f8
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=314528
@ -1,5 +1,5 @@
|
|||||||
.\" $FreeBSD$
|
.\" $FreeBSD$
|
||||||
.Dd January 7, 2017
|
.Dd March 2, 2017
|
||||||
.Dt MD5 1
|
.Dt MD5 1
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
@ -84,21 +84,17 @@ in a secure manner before being encrypted with a private
|
|||||||
key under a public-key cryptosystem such as
|
key under a public-key cryptosystem such as
|
||||||
.Tn RSA .
|
.Tn RSA .
|
||||||
.Pp
|
.Pp
|
||||||
|
The
|
||||||
.Tn MD5
|
.Tn MD5
|
||||||
has been completely broken as far as finding collisions is
|
and
|
||||||
concerned, and should not be relied upon to produce unique outputs.
|
|
||||||
This also means that
|
|
||||||
.Tn MD5
|
|
||||||
should not be used as part of a cryptographic signature scheme.
|
|
||||||
At the current time (2014-05-17) there is no publicly known method to
|
|
||||||
.Dq reverse
|
|
||||||
MD5, i.e., to find an input given a hash value.
|
|
||||||
.Pp
|
|
||||||
.Tn SHA-1
|
.Tn SHA-1
|
||||||
currently (2014-05-17) has no known collisions, but an attack has been
|
algorithms have been proven to be vulnerable to practical collision
|
||||||
found which is faster than a brute-force search, placing the security of
|
attacks and should not be relied upon to produce unique outputs, nor
|
||||||
.Tn SHA-1
|
should they be used as part of a cryptographic signature scheme.
|
||||||
in doubt.
|
As of 2016-03-02, there is no publicly known method to
|
||||||
|
.Em reverse
|
||||||
|
either algorithm, i.e. to find an input that produces a specific
|
||||||
|
output.
|
||||||
.Pp
|
.Pp
|
||||||
.Tn SHA-512t256
|
.Tn SHA-512t256
|
||||||
is a version of
|
is a version of
|
||||||
@ -111,6 +107,8 @@ The hashes are not interchangeable.
|
|||||||
.Pp
|
.Pp
|
||||||
It is recommended that all new applications use
|
It is recommended that all new applications use
|
||||||
.Tn SHA-512
|
.Tn SHA-512
|
||||||
|
or
|
||||||
|
.Tn SKEIN-512
|
||||||
instead of one of the other hash functions.
|
instead of one of the other hash functions.
|
||||||
.Pp
|
.Pp
|
||||||
The following options may be used in any combination and must
|
The following options may be used in any combination and must
|
||||||
|
Loading…
Reference in New Issue
Block a user