The critical question is "how broken is SHA1?" Linus essentially bets on it being not broken, or at least, the same degree of broken as the alternatives. At the time that was a reasonable argument. But the numbers quoted in the article [1] seem to point to SHA1 collision attacks being practical within 10 years, and that's based purely on expected hardware advances and not on special hardware acceleration or theoretical breakthroughs.
So I ask again: do we need to revisit this? Just because Linus was dismissive 9 years ago doesn't mean we should ignore the possibility.
eslaught|11 years ago
So I ask again: do we need to revisit this? Just because Linus was dismissive 9 years ago doesn't mean we should ignore the possibility.
[1]: https://www.schneier.com/blog/archives/2012/10/when_will_we_...