SHA-1 (deprecated)

From wikieduonline
Revision as of 06:20, 31 August 2022 by Cry (talk | contribs) (→‎Status)
Jump to navigation Jump to search

Status

Attacks

Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.

Related

See also

Advertising: