New attack against SHA-1

According to researchers, the complexity of attacking the SHA-1 one-way hash function has been significantly reduced. Exploiting this weakness for practical purposes is now possible for a “well-funded organization.” While the research remains unpublished, this revelation underscores the need for us to move away from SHA-1 and related algorithms.

One-way cryptographic hash functions have many uses in modern computing. For instance, they are used in authentication, encryption, digital signatures, and integrity checking. MD5 and SHA-1 are two popular hash functions still in use today. For years, the public at large has been aware that there were security problems with these particular algorithms, but until recently these problems had been classified as theoretical and not practical. MD5 was the first to be targeted and SHA-1 was considered a more secure alternative.

Until yesterday, the best-known attack on SHA-1 was considered to have a complexity of 2^63, which is still considered secure for most uses. However, if the claims prove valid, the complexity of attacking SHA-1 can be reduced to 2^52, making it 2048 times less secure.
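As an added example (not code from the original post), here is a small Python check tying the two points above together: it recomputes a digest for integrity checking, infers which hash function produced it from the digest length, flags MD5 and SHA-1 as the algorithms the post says to move away from, and carries through the 2^63 versus 2^52 work-factor arithmetic against the generic birthday bound. The digest-length lookup and the `b"abc"` sample input are constructed for this example.

```python
import hashlib
import hmac

# Constructed lookup: hex-digest length -> hashlib algorithm name.
_DIGEST_ALGOS = {32: "md5", 40: "sha1", 64: "sha256"}
# The two functions the post says we should be moving away from.
_DEPRECATED = {"md5", "sha1"}


def identify_algorithm(expected_hex: str) -> str:
    """Infer the hash function from the length of a hex digest."""
    try:
        return _DIGEST_ALGOS[len(expected_hex)]
    except KeyError:
        raise ValueError(f"unrecognised digest length: {len(expected_hex)} hex chars")


def verify_integrity(data: bytes, expected_hex: str) -> dict:
    """Recompute the digest of `data`, compare it in constant time, and flag
    whether the algorithm in use is one of the deprecated ones."""
    algo = identify_algorithm(expected_hex)
    actual = hashlib.new(algo, data).hexdigest()
    return {
        "algorithm": algo,
        "matches": hmac.compare_digest(actual, expected_hex.lower()),
        "deprecated": algo in _DEPRECATED,
    }


def work_factor_ratio(old_bits: int, new_bits: int) -> int:
    """How many times cheaper an attack costing 2^new_bits is than one costing
    2^old_bits. With the post's figures (63 -> 52) this is 2^11 = 2048."""
    return 2 ** (old_bits - new_bits)


def collision_bounds(output_bits: int, best_attack_bits: int) -> dict:
    """Generic birthday-bound collision cost is 2^(n/2) for an n-bit digest
    (2^80 for SHA-1); an attack below that is what 'weakened' means here."""
    generic = output_bits // 2
    return {"generic_bits": generic, "best_attack_bits": best_attack_bits,
            "weaker_than_generic": best_attack_bits < generic}


if __name__ == "__main__":
    # Constructed sample: the well-known SHA-1 digest of b"abc".
    print(verify_integrity(b"abc", "a9993e364706816aba3e25717850c26c9cd0d89d"))
    print(work_factor_ratio(63, 52), collision_bounds(160, 52))
```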

Unfortunately, SHA-1 is very popular and the move away from it may not be quick. For instance, SHA-1 is used in the following:

  • TLS and SSL powering your HTTPS connection
  • Pretty Good Privacy (PGP) used to encrypt emails and data
  • S/MIME, another email encryption protocol
  • IPsec a popular VPN protocol
  • And of course, my most favorite of all, the Secure Shell (SSH v2) protocol

If this is the first time you’re hearing about hash functions, you can use this site to enter text and receive MD5 output.

For those of you interested in more technical details, I would suggest reading Bruce Schneier’s “Applied Cryptography” as well as his blog entry on this topic.


One Comment

  1. hobbit
    Posted May 2, 2009 at 3:41 pm

    SHA-1 and MD5 are not good hashing algorithms for passwords.

    People should be using SRP or bcrypt for password hashing.
