Mar. 6, 2017 | By Joel Odom
It took almost 7,000 computer-years of work to complete the calculations, but Google has succeeded in finding the first SHA-1 collision -- meaning that a once invincible algorithm used as a cryptography standard by the National Security Agency no longer is secure. One of the security requirements of a cryptographic hash function is that it should be practically impossible to find two inputs that yield the same output. Starting with a theoretical technique published in 2013, Google was able to apply their vast computing resources to turn the theoretical weakness into an actual collision. Cryptographers consider a hash function completely broken once a collision is found.
IISP Analyst Joel Odom: “When we consider whether or not a vulnerability is a real-world concern, economics comes into play. As the cost of an attack exceeds the benefit of success, the vulnerability becomes less of a real-world concern. The computing cost of this attack was enormous, so the real-world concern to most people is currently minimal, but computing power only gets cheaper and attacks only get better. There is a timeline (including some good commentary) at http://valerieaurora.org/hash.html that shows how popular hash functions started strong, but weakened until their eventual death. When you design a system that uses cryptography, it is important to design it in such a way that you can update all of the primitives over time, including the hash functions."
For further reading
- Google Security Blog: https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
- Shattered: https://shattered.io