Showtime Experiments With Streaming Shows >>
<< Deja Demo
 tdicon 

(Mis)Uses of Technology

by Mike Masnick

Tue, Feb 15th 2005 10:14pm





Popular Cryptographic Hash Function Possibly Broken

from the uh-oh dept

Last summer, there were rumors swirling that some researchers had figured out how to break SHA-1, a widely-used cryptographic hash function. While it wasn't quite what was advertised, it was clear that some researchers were getting closer, and now Bruce Schneier is reporting that SHA-1 has been broken. If true, then it could require quite a bit of effort to change old systems that rely on it, and could present quite a bit of pain for certain companies.

3 Comments | Leave a Comment

If you liked this post, you may also be interested in...

Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    RMD265 is good enough for me, Feb 16th, 2005 @ 1:28am

    Chinese cryptographers

    The authors of the latest paper are for the most part the same team from Shandong University who wrote the papers on hash collisions from this past August.
    Previously only the expected collision issue in SHA-0 was confirmed (along with MD4, MD5, and the original RIPEMD), this new paper appears to actually demonstrate fatal flaws in SHA-1.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    nonuser, Feb 16th, 2005 @ 5:21am

    Re: Chinese cryptographers

    So MD5 is broken as well? I think those are the two choices offered by Microsoft's code signing tools last time I checked.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Feb 16th, 2005 @ 10:18am

    Re: Chinese cryptographers

    MD5 isn't so much broken as flawed for some purposes. SHA-1 now shows flaws of its own.

    But let's be clear: both have utility even in their flawed form. MD5 is computationally quick but not tremendously precise; SHA-1 is more precise, but more computationally taxing.

    Both are used heavily by backup software makers: see backuppc.sourceforge.net for interesting discussion of the use of MD5 (and work-arounds for its limitations).

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Showtime Experiments With Streaming Shows >>
<< Deja Demo
 tdicon 
Follow Techdirt
Flattr rss rss
A word from our Sponsors...
Sponsored Resource
Essential Reading
Techdirt Reading List
Techdirt Insider Chat

A word from our Sponsors...
Recent Stories

Saturday

12:00pm: GMacGuffin's Favorite Techdirt Posts Of The Week (1)
9:00am: Awesome Stuff: Dealer's Choice (4)

Friday

7:39pm: In Defense Of Digital Freedom: It's Time To Get Beyond 'Cyber' Hyperbole (26)
6:40pm: Xbox One Release: Tons Of Questions, Very Few Answers (98)
5:37pm: Think DOJ Spying On Reporters Was 'Unprecedented'? Think Again (6)
5:00pm: DailyDirt: DIY Soda (Pop Or Whatever You Call Carbonated Beverages) (9)
3:51pm: Petition Asks Obama To Support Treaty For The Blind, Rather Than Siding With Hollywood (16)
2:46pm: Fair Use For Me, But Not For Thee (28)
1:45pm: Another Court Tells Prenda To Pay Up On Attorneys Fees (21)
12:45pm: If You Thought Copyright Was A Mess On Earth, What Does It Look Like In Space? (25)
More arrow
A word from our Sponsors...

Close

Email This