Main Menu

Login



Support Virus.Org

Help support Virus.Org by donating.
Donating allows us to keep this site free and pay the running costs of all our services.
New optimised SHA-1 attack PDF Print E-mail
Written by Editor   
Thursday, 18 August 2005 12:55
It seems the hot news out of the CRYPTO 05 rump sessions is that the previously discussed attacks against SHA-1 have been optimised to reduce the complexity of the attack. In February new broke of an attack against the one way hash SHA-1, this attack effectively rendered the hash function used by many useless. The previously discussed attack concluded that a collision could be located in 2^69 calculations which is several orders of magnitude less than the 2^80 calculations required to break SHA-1 using normal brute force. However the work discussed at the CRYPTO 05 rump session indicates that they have managed to reduce the number of calculations from 2^69 to 2^63 which will put the attack within reach of well funded private citizens and not just governments.

Interestingly according to Shamir there are indications that the level complexity can be ‘considerably’ reduced further. However, what ‘considerably’ means has not been defined. However, this does not change what we already knew, SHA-1 is broken, it should be replaced with the newer SHA hashes such as SHA-512.

However, there exists one remaining hash RIPEMD-160 which has yet to have any published attacks levied against it. So if you need a 160–bit hash, then there is hope for you.


Add this page to your favorite Social Bookmarking websites
Digg! Reddit! Del.icio.us! Google! Live! Facebook! Technorati! StumbleUpon! Yahoo!
Last Updated ( Thursday, 14 September 2006 23:07 )