Subscribe
Mitigation 1
Already, from Bruce’s comments:
It’s important to qualify what is meant by “broken” — the ability to find collisions weakens the use of a cryptographic hash in digital signatures. The speedup is about 0.0005 over the brute force average for finding a collision.
and
It’s a 2^69 attack against SHA-1, which has the distinct problem of being 32x the complexity of bruting MD5 (2^5 = 32). We never did see a MD5 brute; we needed Wang’s reduction to a 2^24 to 2^32 for us to eventually end up with vectors.
So there’s no need to panic, there’s need for a response and responsible management of this issue.