The standard response to "where to now" seems to be Whirlpool [http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html]. That or Tiger [http://www.cs.technion.ac.il/~biham/Reports/Tiger/]. The team which has cracked SHA1 is the same that cracked MD5 and exposed weaknesses in the RIPEMD model. They're good. And they've shown that what I would've thought to be the Next Best Thing - RIPEMD - is yet another flawed system. -mjec -- http://mine.mjec.net/ On Wed, 16 Feb 2005 14:56:27 +0200, Gadi Evron <gadi@xxxxxxxxxxxxx> wrote: > Now, we've all seen this coming for a while. > http://www.schneier.com/blog/archives/2005/02/sha1_broken.html > > Where do we go from here? > > Gadi. >
