SHA1 collision
houseOfEorl opened this issue · comments
Roberto A commented
After the announcing of the first SHA1 collision (https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html), and since Rfc2898DeriveBytes is still using SHA1.
Should we be concerned to use Rfc2898DeriveBytes?