RSS
Popular Cryptographic Hash Function Possibly Broken
from the uh-oh dept
Last summer, there were rumors swirling that some researchers had figured out how to break SHA-1, a widely-used cryptographic hash function. While it wasn't quite what was advertised, it was clear that some researchers were getting closer, and now Bruce Schneier is reporting that SHA-1 has been broken. If true, then it could require quite a bit of effort to change old systems that rely on it, and could present quite a bit of pain for certain companies.
3 Comments | Leave a Comment..
If you liked this post, you may also be interested in...
- DailyDirt: Autonomous Vehicles
- How Publishers Repeated The Same Mistake As Record Labels: DRM Obsession Gave Amazon Dominant Position
- Park Ranger Tases Guy Walking Dogs Without A Leash
- Brazilian Government Ordering Web Hosting Firms To Kill Domain Names They Don't Like
- Syrian President's Email Hacked... His Password Was 12345
Reader Comments (rss)
(Flattened / Threaded)
Chinese cryptographers
Previously only the expected collision issue in SHA-0 was confirmed (along with MD4, MD5, and the original RIPEMD), this new paper appears to actually demonstrate fatal flaws in SHA-1.
[ reply to this | link to this | view in thread ]
Re: Chinese cryptographers
[ reply to this | link to this | view in thread ]
Re: Chinese cryptographers
But let's be clear: both have utility even in their flawed form. MD5 is computationally quick but not tremendously precise; SHA-1 is more precise, but more computationally taxing.
Both are used heavily by backup software makers: see backuppc.sourceforge.net for interesting discussion of the use of MD5 (and work-arounds for its limitations).
[ reply to this | link to this | view in thread ]
Add Your Comment