Browse Source

SHA-1 collisions have now been found so update some man pages. As noted by

minek van on misc@. Thanks.
ok tb@, tj@
(and jmc@ is ok with the diff but can't ok the technical content).
OPENBSD_6_1
daniel 7 years ago
parent
commit
214feb8400
1 changed files with 9 additions and 5 deletions
  1. +9
    -5
      src/lib/libc/hash/sha1.3

+ 9
- 5
src/lib/libc/hash/sha1.3 View File

@ -1,4 +1,4 @@
.\" $OpenBSD: sha1.3,v 1.44 2016/09/04 09:24:38 tedu Exp $
.\" $OpenBSD: sha1.3,v 1.45 2017/02/23 20:46:08 daniel Exp $
.\" .\"
.\" Copyright (c) 1997, 2004 Todd C. Miller <Todd.Miller@courtesan.com> .\" Copyright (c) 1997, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
.\" .\"
@ -17,7 +17,7 @@
.\" See http://csrc.nist.gov/publications/fips/fips180-1/fip180-1.txt .\" See http://csrc.nist.gov/publications/fips/fips180-1/fip180-1.txt
.\" for the detailed standard .\" for the detailed standard
.\" .\"
.Dd $Mdocdate: September 4 2016 $
.Dd $Mdocdate: February 23 2017 $
.Dt SHA1INIT 3 .Dt SHA1INIT 3
.Os .Os
.Sh NAME .Sh NAME
@ -61,9 +61,13 @@ The algorithm takes a
message less than 2^64 bits as input and produces a 160-bit digest message less than 2^64 bits as input and produces a 160-bit digest
suitable for use as a digital signature. suitable for use as a digital signature.
.Pp .Pp
The SHA1 functions are considered to be more secure than the
.Xr md5 3
functions with which they share a similar interface.
SHA-1 has been broken; it should only be used where necessary for
backward compatibility.
The attack on SHA-1 is in the nature of finding
.Dq collisions
\(em that is, multiple inputs which hash to the same value.
It is still unlikely for an attacker to be able to determine the exact
original input given a hash value.
.Pp .Pp
The The
.Fn SHA1Init .Fn SHA1Init


Loading…
Cancel
Save