Difference between revisions of "SHA-1 (deprecated)"

From wikieduonline
Jump to navigation Jump to search
(Redirected page to Sha)
Tag: New redirect
 
 
(12 intermediate revisions by 2 users not shown)
Line 1: Line 1:
#redirect [[sha]]
+
[[wikipedia:SHA-1]] is deprecated
 +
 
 +
== Status ==
 +
* Disabled in [[OpenSSH 8.8]] September 2021
 +
* Not supported in [[Terraform changelog|Terraform]] since 1.2 (May 2022)
 +
 
 +
== Attacks ==
 +
[[Certificates]] are at special risk to the aforementioned [[SHA1 collision]] vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief [[LoginGraceTime]] window that they have to forge a host key signature.
 +
 
 +
== Related ==
 +
* [[BLAKE2s]] [[Linux Kernel 5.17]]
 +
 
 +
== See also ==
 +
* {{sha}}
 +
* {{OpenSSH}}
 +
 
 +
[[Category:Security]]

Latest revision as of 06:21, 31 August 2022

wikipedia:SHA-1 is deprecated

Status[edit]

Attacks[edit]

Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.

Related[edit]

See also[edit]

Advertising: