Just read the so called Algorithmencatalog (maybe Algorithms Catalog in English!?), published by our German Bundesnetzagentur. They seem to know exact expiration dates for hash functions ;)

In this PDF file I found the following table (see original screen-shot):

* i.e. for creation of qualified certs, not for creation or verification of other qualified signed data. ** i.e. for creation of qualified certs with at least 20 bit entropy in its serial number, not for creation or verification of other qualified signed data. *** exclusively for verification of qualified certs
Creation of qualified certs*: suitable til end of 2009 Creation of qualified certs**: suitable til end of 2010 suitable til end of 2010 suitable til end of 2015 suitable til end of 2016
SHA-1 SHA-1 RIPEMD-160 SHA-224 (SHA-1, RIPEMD-160)*** SHA-256, SHA-384, SHA-512

So I hope there is anybody out there that has started to crack SHA-1 to get finished this year :P

(maybe it’s the recounter’s turn!?^^)


Martin Scharm

stuff. just for the records.

Do you like this page?
You can actively support me!

4 comments

Martin S. | Permalink |

In the real world:

expiration year of md5: 1996*

expiration year of md5: 1999**

expiration year of md5: 2009***

expiration year of md5: 2019**

  • for non-qualified signatures ** for advanced signatures * for qualified signatures ** for qualified signatures with high trust-level
Martin S. | Permalink |

Yeahhh, I remember. The professional checksum-breaker, also known as the R E C O U N T E R. He is the only one, who can handle the sha1 cracking problem in a reasonable time.

good luck Mr. R E C O U N T E R

3dfxatwork | Permalink |

Noch hat er seine aufgabe nicht gelöst ^^.

martin | Permalink |

wtf, he can’t neglect his tasks!

maybe he is in holidays!?

Leave a comment

There are multiple options to leave a comment: