SHA-1 Causing Me Trouble 


In the news recently has been the fact that collisions in stock SHA-1 can now be found in 2^69 operations instead of the 2^80 that a brute-force search takes. That is, collisions can be found about 2000 times faster. According to some, this means about $38 million in hardware will allow a 56-hour crack. That may seem like a lot, but consider that in 18 months, you can probably halve that. And it's only going to get cheaper.

And I just added SHA-1 support to the MD5 software for Windows that I distribute from here. I'm going to (of course) leave it in, but I think I'll take a little time and add SHA-256 and SHA-512 to the list of hashes that are supported. These are probably the successors to the now severely damaged SHA-1 - at least according to Schneier. Hopefully that will continue to make the program useful. Of course, it's not like people verifying their Linux ISOs have to worry about someone sticking in an evil image - but more and more people will be moving away from SHA-1 in the future.

Link to PDF describing the method of attack. 

 

Posted: Sat - February 19, 2005 at 03:10 PM          

