[cfarm-users] Is RSA really insecure?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Dec 14 03:44:22 CET 2023
Gregor Riepl via cfarm-users <cfarm-users at lists.tetaneutral.net> writes:
>It's because it relies on SHA-1, and SHA-1 is known to be broken.
It's breakable with a considerable amount of effort for static data. Attacking
it in SSH auth would require the ability to break it in real-time or close to
it, which no-one has come close to doing. Also, it's a collision attack (you
generate two documents with the same hash value) which doesn't apply in this
case since you're signing a fixed transcript hash.
Peter.
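
The distinction drawn in the message above, as an added example that is not part of the original post: it compares the work needed to find a collision (the searcher picks both inputs) with the work needed to match a digest that is already fixed. SHA-1 is truncated to a toy 20 bits so both searches finish in seconds, and the transcript bytes and message prefixes are constructed for the demonstration.

```python
import hashlib
from itertools import count

BITS = 20  # toy digest size (assumption for this demo); real SHA-1 is 160 bits

# Constructed stand-in for the fixed data that gets signed during SSH auth.
TRANSCRIPT = b"constructed-session-id|user|ssh-connection|publickey"

def toy_hash(data: bytes) -> int:
    """SHA-1 truncated to its top BITS bits."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big") >> (160 - BITS)

def find_collision():
    """Both messages are free choices: birthday search, about 2**(BITS/2) tries."""
    seen = {}
    for i in count():
        msg = b"doc-%d" % i
        h = toy_hash(msg)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg

def find_second_preimage(target: bytes):
    """The digest is fixed by the target: brute force, about 2**BITS tries."""
    want = toy_hash(target)
    for i in count():
        msg = b"forged-%d" % i
        if toy_hash(msg) == want:
            return msg, i + 1

if __name__ == "__main__":
    a, b, tries_col = find_collision()
    forged, tries_pre = find_second_preimage(TRANSCRIPT)
    print(f"collision between two chosen messages: {tries_col} tries")
    print(f"match for the fixed transcript digest: {tries_pre} tries")
    # Scaled to 160 bits the same gap is roughly 2**80 versus 2**160 for a
    # generic search; published SHA-1 breaks are of the collision kind.
```
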