Dear Uri, Not sure we are trying to protect from collisions and not from host name's disclosure. On Wed, Jan 5, 2022 at 3:09 PM Blumenthal, Uri - 0553 - MITLL < uri@xxxxxxxxxx> wrote: > What are the cryptographic consequences of host name hah collision? > > My point is - the only reason to consider replacing the algorithm here > would be to avoid varying around another hash that is not usable > cryptographically. > > Regards, > Uri > > > On Jan 5, 2022, at 07:05, Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> wrote: > > > > Dear colleagues, > > > > OpenSSH uses SHA1 without any alternate options for hostname hashing > (looks > > like this is the last place where an alternate option for SHA1 is not > > available). SHA1 HMAC is considered safe enough for now, but it may > change > > so it's definitely worth migrating to more safe algorithms (SHA2?). > > > > I'd like to discuss possible options of such migration. > > > > Many thanks! > > -- > > Dmitry Belyavskiy > > _______________________________________________ > > openssh-unix-dev mailing list > > openssh-unix-dev@xxxxxxxxxxx > > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > -- Dmitry Belyavskiy _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
