[RESEARCH] How to make it widespread

cr-marcstevens / sha1collisiondetection

Library and command line tool to detect SHA-1 collision in a file

Other

1.3k stars 179 forks source link

[RESEARCH] How to make it widespread #49

Closed sergeevabc closed 5 years ago

sergeevabc commented 5 years ago

Dear Marc Stevens and Dan Shumow, There are a variety of tools to calculate SHA1 that could benefit from including your library. But what’s the proper argumentation to move its authors to do that? For example, I asked RHash’s author to “reinforce SHA1 against collisions” which led to confusion.

shumow commented 5 years ago

I see @cr-marcstevens weighed in on the thread that you used. His argument is pretty good. I would just try to show and argue what potential security ramifications a SHA-1 collision could cause.

shumow commented 5 years ago

Also, I'm going to close this, as it is not an "issue" with our library, per se.