Progress on compromising SHA-1
Crypto'06 just finished. One of the interesting
results concerns SHA-1.
A group around Rijmen has found a way to
produce a meaningful collision on a step-reduced
(64, compared to 80 steps) SHA-1. One of the authors,
and speaker, is still a PHD student - remarkable.
Older approaches were not explicitly applicable[3,4],
except for producing garbage messages, if I understood
this correctly. Another evidence of sensationalism present
in certain people of the cryptographic world?
I am happy that SHA-256 and SHA-512 exist :D