We have broken SHA-1 in practice
3 months ago
- #Cryptography
- #SHA-1
- #Cybersecurity
- SHA-1 has been broken in practice: two colliding PDF files can be created that carry the same digital signature.
- This vulnerability affects digital signatures, file integrity verification, and file identification across various applications, including Git and SVN.
- Many applications still use SHA-1 despite known theoretical attacks since 2005 and its deprecation by NIST in 2011.
- Google and Mozilla have taken steps to protect users, with Chrome marking SHA-1 certificates as insecure and Firefox deprecating SHA-1.
- Git repositories can be crafted to have the same commit hash but different contents, which poses a security risk.
- SVN has been patched against SHA-1 collisions in versions 1.9.6 and up, and 1.8.18.
- The SHAttered attack is significantly faster than brute force; it still requires extensive computational resources, but it is now practical.
- A collaboration between CWI and Google Research led to this breakthrough, leveraging Google's infrastructure and expertise.
- An online tool is available to check files for SHA-1 collision attacks, developed by Marc Stevens and Dan Shumow.
- Counter-cryptanalysis can detect and mitigate SHA-1 collision attacks by producing different hashes for colliding files.
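
As an added example (not from the original page or the SHAttered authors), here is a cross-check for the file-identification risk above: it reports any SHA-1 digest that maps to contents that differ under SHA-256. This is a second-hash comparison, not the counter-cryptanalysis detection described in the last bullet; `find_collisions`, `truncated_sha1` and the sample store are hypothetical names and constructed data.

```python
import hashlib
from collections import defaultdict


def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def find_collisions(items, weak=sha1_hex, strong=sha256_hex):
    """Return {weak_digest: [[names], [names], ...]} for every weak digest
    shared by more than one distinct content, as judged by the strong hash.
    Exact duplicates share both digests, so they are grouped, not reported."""
    by_weak = defaultdict(lambda: defaultdict(list))
    for name, data in items:
        by_weak[weak(data)][strong(data)].append(name)
    return {
        w: sorted(sorted(names) for names in variants.values())
        for w, variants in by_weak.items()
        if len(variants) > 1  # same identifier, different contents
    }


def truncated_sha1(data: bytes) -> str:
    # Assumption for the demo: a stand-in for a collision-prone identifier.
    # Keeping only the first byte of SHA-1 makes constructed inputs collide.
    return sha1_hex(data)[:2]


def constructed_store():
    # Constructed sample: 300 distinct small records plus one exact duplicate.
    items = [(f"rec-{i}", f"record {i}".encode()) for i in range(300)]
    items.append(("rec-0-copy", b"record 0"))
    return items


if __name__ == "__main__":
    store = constructed_store()
    print("SHA-1 collisions:", find_collisions(store))
    weak_hits = find_collisions(store, weak=truncated_sha1)
    print("1-byte identifier collisions:", len(weak_hits), "digests")
```

A system that keys storage or deduplication on SHA-1 alone treats every group reported here as a single object.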