SHA-1 broken

SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing.

This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result. It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn’t affect applications such as HMAC where collisions aren’t important).

What he said.  Major, major cryptoanalytic result.  The U.S. government, via NIST, planned to phase out SHA-1 by 2010 anyway.  I imagine this will speed things up a bit:

http://csrc.nist.gov/hash_standards_comments.pdf

…due to advances in technology, NIST plans to phase out of SHA-1 in favor of the larger and stronger hash functions (SHA-224, SHA-256, SHA-384 and SHA-512) by 2010.

See also: http://csrc.nist.gov/CryptoToolkit/tkhash.html

MD5 was partially broken months ago.  These are interesting times we live in.

2 thoughts on “SHA-1 broken

  1. Sorry. Basically, some computer security techniques just got seriously devalued. The impact could be rather large in the short term. Long term there are other techniques to do this function but it will take time to retrofit everything. In the mean time some computer activities are less secure than we thought they were.

Comments are closed.