(no subject)
Feb. 16th, 2005 09:35 amFrom: "Steven M. Bellovin" <smb@cs.columbia.edu> To: cryptography@metzdowd.com Subject: SHA-1 cracked Date: Tue, 15 Feb 2005 23:29:43 -0500 According to Bruce Schneier's blog (http://www.schneier.com/blog/archives/2005/02/sha1_broken.html), a team has found collisions in full SHA-1. It's probably not a practical threat today, since it takes 2^69 operations to do it and we haven't heard claims that NSA et al. have built massively parallel hash function collision finders, but it's an impressive achievement nevertheless -- especially since it comes just a week after NIST stated that there were no successful attacks on SHA-1.
This comes in the shadow of the SHA-0 collisions announced at CRYPTO '04. This means that it's 2048 times easier to come up with a piece of data which hashes to the same hash as a chosen piece of text. It doesn't mean that your banking sessions are insecure--not yet at any rate. It does mean we need to be looking for a replacement algorithm to use for digital signing.