SHA-1 break

Jibz · February 16, 2005, 09:39:26 AM

For those who haven't seen it yet, Bruce Schneier's blog has a post about SHA-1 being 'broken'.

hutch-- · February 16, 2005, 11:12:21 AM

Interesting article and it seems to involve hash collisions. I wonder how long it will take to convert these heathens to a strong random pad based encryption ? :green2

Ghirai · February 16, 2005, 12:57:03 PM

This is a nice site, seems like rainbow tables are indeed worthy: http://www.passcracking.com

Bieb · February 17, 2005, 02:51:39 AM

What's he mean by broken? Like instantly crackable?

hutch-- · February 17, 2005, 03:31:05 AM

It means someone has found a way to defeat the encryption. It wil still take a lot of knowhow and computer power to do it but the jist or the research was that the range to brute force crack the encryption is a lot smaller than originally thought.

Jibz · February 17, 2005, 09:15:03 AM

SHA-1 is a cryptographic hash algorithm and not an encryption algorithm :naughty:.

SHA-1 is 'broken' in the sense that they devised a method for finding collisions (two messages that result in the same hash) which is faster than brute force (2^69 tries instead of 2^80).

While this probably does not pose a huge security problem in most cases, it does show some potential weakness in the algorithm.

Bieb · February 17, 2005, 01:53:57 PM

So, how much difference does that amount to in computing time?

MichaelW · February 17, 2005, 07:22:26 PM

80 – 69 = 11
2 ^ 11 = 2048

A substantial reduction, but assuming a 3GHz clock and one try per clock cycle (not possible for a single processor), 2 ^ 69 tries would still take ~6,235 years. So currently, it would still be "computationally infeasible to find a message which corresponds to a given message digest, or to find two different messages which produce the same message digest." Then again, you could find it on the first try :bg

Tedd · February 18, 2005, 11:54:08 AM

Quote from: MichaelW on February 17, 2005, 07:22:26 PM
80 – 69 = 11
2 ^ 11 = 2048

A substantial reduction, but assuming a 3GHz clock and one try per clock cycle (not possible for a single processor), 2 ^ 69 tries would still take ~6,235 years. So currently, it would still be "computationally infeasible to find a message which corresponds to a given message digest, or to find two different messages which produce the same message digest." Then again, you could find it on the first try :bg

6,235 years is a worst case scenario.
Given a 'birthday attack,' the time would be more like 79 years. (ie. how long before you have more than 50% chance of 'getting lucky.')

hutch-- · February 18, 2005, 01:47:52 PM

The humour is it is well known that governments of various pursuasions have some very big computer grunt to reduce these problems from years to a far smaller time scale. I remember one of the better known 54 bit encryptions was broken a few years ago but the match rate of keys was some amazing number per second. I am pretty much of the view that any system that can be exhausted on a key count is dead meat.

For its many problems and difficulty to implement, a highly random pad is hard to beat if it is used properly.

Ghirai · February 18, 2005, 02:22:41 PM

I'm pretty sure that the 5 32 bit init. vars have those values for a particular reason (or more). It can leave a backdoor for the people who need it (the designers, NIST, along with the NSA).

News:

SHA-1 break

Jibz

hutch--

Ghirai

Bieb

hutch--

Jibz

Bieb

MichaelW

Tedd

hutch--

Ghirai