SHA-1 compromised further

Crypto researchers point the way to feasible attack

Got Tips?

Crypto researchers have discovered a new, much faster, attack against the widely-used SHA-1 hashing algorithm. Xiaoyun Wang, one of the team of Chinese cryptographers that demonstrated earlier attacks against SHA-0 and SHA-1, along with Andrew Yao and Frances Yao, have discovered a way to produce a collision in SHA-1 over just 263 hash operations compared to 269 hash operations previously. A brute force attack should take 280 operations.

One-way hashing is used in many applications such as creating checksums used to validate files, creating digital certificates, authentication schemes and in VPN security hardware. Collisions occur when two different inputs produce the same output hash. In theory this might be used to forge digital certificates but it shouldn't be possible to find collisions except by blind chance. Wang and her team have discovered an algorithm for finding collisions much faster than brute force. The researchers released a paper (PDF) on their finding at the Crypto 2005 conference in Santa Barbara, California earlier this week.

"The SHA-1 collision search is squarely in the realm of feasibility," writes noted cryptographer Bruce Schneier in a posting to his web log. "Some research group will try to implement it. Writing working software will both uncover hidden problems with the attack, and illuminate hidden improvements. And while a paper describing an attack against SHA-1 is damaging, software that produces actual collisions is even more so."

The US National Institute of Standards and Technology (NIST) recently advised the US government to phase out SHA-1 in favor of SHA-256 and SHA-512. NIST is holding a workshop on the subject in late October. ®

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER


Keep Reading

Remember that backdoor in Juniper gear? Congress sure does – even if networking biz wishes it would all go away

US lawmakers demand answers in quest against Feds-only access points

Remember the Clipper chip? NSA's botched backdoor-for-Feds from 1993 still influences today's encryption debates

Enigma We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago

Zoom-er or later, your past catches up with you: Vid chat service hit by sueball over end-to-end encryption claim

US consumer nonprofit alleges it was false advertising

After huffing and puffing for years, US senators unveil law to blow the encryption house down with police backdoors

Lawmakers will attempt to bend the laws of mathematics to their will

IBM Watson GPU cloud cluster Brexits from London to Frankfurt – because GDPR

Users have migration work to do in the next month. Good thing nobody's busy right now, eh?

You may be distracted by the pandemic but FYI: US Senate panel OK's backdoors-by-the-backdoor EARN IT Act

Proposed Section 230 shake-up passes committee stage with amendments

Microsoft to charge $200 for 32 GPU cores, sliver of CPU clockspeed, 6GB RAM, 512GB SSD... and a Blu-Ray player

That’s the price and specs difference between full XBOX X and its smaller all-digital XBOX S sibling

VMware bungled bundling blurt blaring Bitfusion bringing new GPU-and-AI powers to vSphere

Bitfusion integration will require an add-on licence after all, rather than being tossed into vSphere Enterprise Plus

Biting the hand that feeds IT © 1998–2020