Threat Post

Practical SHA-1 Collision Months, Not Years, Away

New research into attacks against the SHA-1 cryptographic algorithm lessen the cost and time to arrive at a practical collision. When Bruce Schneier made his oft-cited and mathematically sound ...
Ars Technica

Collision attacks - How do they work?

I was reading the new Ars article about Microsoft's decision to retire SHA-1 due to its vulnerability to collision attacks. The article mentions the well-publicized Flame attack of 2012, a key ...
Ars Technica

How do you know when md5 will bite you with collisions?

1) It is trivial for someone to cause a collision (in fact effectively indefinitely many) with other inputs they control. 2) It's almost certainly not too hard for someone motivated to generate ...
Threat Post

Microsoft Starts Countdown on Eliminating MD5

Microsoft has given customers six months to find MD5 installations and prepare for a February 2014 patch that will block the broken algorithm. The clock is running on Windows administrators to sweep ...