zlacker

[parent] [thread] 2 comments
1. sofixa+(OP)[view] [source] 2023-07-27 11:26:30
> TPM 1.2 uses SHA1 for everything which is a broken hash function

> No reason

Using broken encryption is quite a decent reason.

replies(2): >>Ashame+j2 >>raxxor+po3
2. Ashame+j2[view] [source] 2023-07-27 11:47:12
>>sofixa+(OP)
Definitely not for the actual user of the device.
3. raxxor+po3[view] [source] 2023-07-28 10:28:42
>>sofixa+(OP)
SHA1 is not for encryption, it is a signature algorithm.

It is considered broken because there is a faster way than simple brute force to create a collision. The currently know approach is still computationally expensive.

It is correct to call it broken, but I don't see the implications for TMP at all. TPM is shitty tech in the first place in my opinion, but aside from that there is little practical relevance.

[go to top]