SHA-1 Causing Me Trouble
In the news recently has been the fact that collisions in
stock SHA-1 can now be found in 2^69 operations instead of the 2^80 that brute force takes. That is,
collisions can be found about 2000 times faster. According to some, this means
about $38 million in hardware will allow a 56-hour crack. That may seem like a
lot, but consider that in 18 months, you can probably halve that. And it's only
going to get cheaper.

And I just added
SHA-1 support to the MD5 software for Windows that I distribute from here. I'm
going to (of course) leave it in, but I think I'll take a little time and add
SHA-256 and SHA-512 to the list of hashes that are supported. These are probably
the successors to the now severely damaged SHA-1 - at least according
to Schneier. Hopefully that will continue to make the program useful.
Of course, it's not like people verifying their Linux ISOs have to worry about
someone sticking in an evil image - but more and more people will be moving away
from SHA-1 in the future.

Link to PDF describing the method of attack.

Posted: Sat - February 19, 2005 at 03:10 PM