diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2017-02-23 13:57:55 -0500 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-02-23 12:57:55 -0600 |
commit | 500047b1c3cbfbd8f4ad6f52865ed98cd59fecb3 (patch) | |
tree | 09b3c448488735cbdf518b48081623a56b197368 /docs/hazmat/primitives/cryptographic-hashes.rst | |
parent | 9a59ad87f65ea4fa7f8aab58ae8a98b8c378bc13 (diff) | |
download | cryptography-500047b1c3cbfbd8f4ad6f52865ed98cd59fecb3.tar.gz cryptography-500047b1c3cbfbd8f4ad6f52865ed98cd59fecb3.tar.bz2 cryptography-500047b1c3cbfbd8f4ad6f52865ed98cd59fecb3.zip |
SHA-1 is broken, run for the hills (#3417)
Diffstat (limited to 'docs/hazmat/primitives/cryptographic-hashes.rst')
-rw-r--r-- | docs/hazmat/primitives/cryptographic-hashes.rst | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/docs/hazmat/primitives/cryptographic-hashes.rst b/docs/hazmat/primitives/cryptographic-hashes.rst index 34d88bcc..d3e9eb4d 100644 --- a/docs/hazmat/primitives/cryptographic-hashes.rst +++ b/docs/hazmat/primitives/cryptographic-hashes.rst @@ -79,21 +79,6 @@ Message digests .. _cryptographic-hash-algorithms: -SHA-1 -~~~~~ - -.. attention:: - - NIST has deprecated SHA-1 in favor of the SHA-2 variants. New applications - are strongly suggested to use SHA-2 over SHA-1. - -.. class:: SHA1() - - SHA-1 is a cryptographic hash function standardized by NIST. It produces an - 160-bit message digest. Cryptanalysis of SHA-1 has demonstrated that it is - vulnerable to practical collision attacks, though no actual collisions are - publicly known. - SHA-2 family ~~~~~~~~~~~~ @@ -149,6 +134,22 @@ SHA-family of hashes. :raises ValueError: If the ``digest_size`` is invalid. +SHA-1 +~~~~~ + +.. warning:: + + SHA-1 is a deprecated hash algorithm that has practical known collision + attacks. You are strongly discouraged from using it. Existing applications + should strongly consider moving away. + +.. class:: SHA1() + + SHA-1 is a cryptographic hash function standardized by NIST. It produces an + 160-bit message digest. Cryptanalysis of SHA-1 has demonstrated that it is + vulnerable to practical collision attacks, and collisions have been + demonstrated. + RIPEMD160 ~~~~~~~~~ |