« Microsoft Security Bulletin Summary for June 2009 | Main | Phrack 66 is out! »

SHA-1 collisions achievable

"The researchers, from Macquarie University in Sydney, Australia, found a way to break the SHA-1 algorithm in significantly fewer tries than previously required. Although the hash function was previously believed to withstand attempts numbering 263, the researchers have been able to whittle that down to 252, a number that puts practical attacks well within grasp of well-funded organizations.

Secure hashing algorithms are designed to reduce text or digital files to a unique series of letters and numbers that is often compared to the document's signature. The findings, which were published Wednesday here (PDF), mean it's easier to create what cryptographers call collisions in SHA-1, in which two different sources share the same the same output."

Read more: http://www.theregister.co.uk/2009/06/10/digital_signature_weakness/
The whitepaper: http://eprint.iacr.org/2009/259.pdf


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!