Web lists-archives.com

Re: Archive no longer accepts uploads signed using SHA-1 or RIPE-MD/160

Wouter Verhelst <wouter@xxxxxxxxxx> writes:

> Uhh? AFAIK, RIPEMD160 is not compromised at all, not even in a
> theoretical attack. Why was this part of the decision taken?

> (there is a theoretical attack against RIPEMD, but that is not the same
> thing as RIPEMD160)

Crypto folks have been dubious about RIPEMD160 for a while for new
applications, just because it's pretty old and doesn't have some of the
nice properties of modern hashes.  It's more proactive than SHA-1 to drop
it, but I support dropping it just as a precautionary measure.  There
isn't a good reason to keep using it so far as I know.

Russ Allbery (rra@xxxxxxxxxx)               <http://www.eyrie.org/~eagle/>