SHA-1 (deprecated)

From wikieduonline
Jump to navigation Jump to search

Status[edit]

Attacks[edit]

Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.

Related[edit]

See also[edit]

Advertising: