Crypto world in panic as SHA-1 'broken'

Hash function cracked at Chinese university

The SHA-1 (Secure Hash Algorithm 1) hash function, which underpins the digital signatures used in SSL browser security and PGP, is reported to have been “broken”.

The claim has been made on the website of respected cryptographic expert Bruce Schneier, who refers to a Chinese team at Shandong University as having circulated a paper outlining how collisions in the function can be found.

The paper is not yet available outside of specialist circles, so the claim can’t yet be verified in detail, but having previously helped break another hashing algorithm, MD5, the researchers have a track record in this area. “It pretty much puts a bullet into SHA-1 as a hash function for digital signatures,” Schneier comments pessimistically in his weblog.

SHA-1 is a “hash function”: a mathematical algorithm that condenses a message of any length into a fixed-size 160-bit output called a “message digest”. Digital signature schemes do not sign the message directly. The signer hashes the message and signs the digest, so the signature is only as strong as the hash function’s resistance to two different messages producing the same digest.

The recipient recomputes the digest from the message actually received and checks the signature against it. If the message has not been altered, the two digests are identical. The security of the scheme rests on it being infeasible to find a second message that produces the same digest, since such a message would carry the original signature just as well.

In theoretical terms, what the team is said to have done in “breaking” SHA-1 is show how two different inputs with the same digest – known as a “collision” – can be found with roughly 2 to the power of 69 hash operations, instead of the roughly 2 to the power of 80 that a generic brute-force (“birthday”) search against a 160-bit hash would require.
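To make the hash-then-sign relationship and the collision figures concrete, here is an added Python example. It is not code from the article or from the Shandong paper, and it does not implement their attack; it runs a generic birthday search against SHA-1 truncated to 32 bits (an assumption made so the search finishes in seconds, where the same search on the full 160-bit digest would take about 2^80 operations), then shows that a signature issued over one of the colliding messages is accepted for the other. An HMAC under a constructed key stands in for the signer’s private key, which is a simplification: what matters is that the signature covers only the digest. The sample messages are constructed inline.

```python
"""Hash-then-sign, and why a hash collision breaks the signature.

Added illustration, standard library only. Assumptions: an HMAC under a
constructed key stands in for an RSA/DSA private-key signature, and SHA-1 is
truncated to TRUNC_BITS so a generic birthday search finishes quickly.
"""
import hashlib
import hmac

TRUNC_BITS = 32  # toy digest width; 160 is the real SHA-1 output length

# Constructed stand-in for the signer's private key (assumption, see above).
SIGNING_KEY = b"signer-private-key-for-demo"


def digest(message: bytes, bits: int = TRUNC_BITS) -> bytes:
    """SHA-1 digest truncated to `bits` bits (bits=160 gives the real digest)."""
    return hashlib.sha1(message).digest()[: bits // 8]


def sign(message: bytes, bits: int = TRUNC_BITS) -> bytes:
    """Hash-then-sign: the signature covers the digest, not the message itself."""
    return hmac.new(SIGNING_KEY, digest(message, bits), hashlib.sha256).digest()


def verify(message: bytes, signature: bytes, bits: int = TRUNC_BITS) -> bool:
    """Recompute the digest of the received message and check the signature over it."""
    expected = hmac.new(SIGNING_KEY, digest(message, bits), hashlib.sha256).digest()
    return hmac.compare_digest(expected, signature)


def birthday_bound(bits: int) -> float:
    """Expected hash evaluations for a generic collision search: about 2**(bits/2)."""
    return 2.0 ** (bits / 2)


def find_collision(bits: int = TRUNC_BITS, limit: int = 1 << 24):
    """Generic birthday search: hash distinct constructed messages until two share a digest.

    Returns (message_a, message_b, trials)."""
    seen = {}
    for i in range(limit):
        m = b"transfer %d dollars to account 42" % i  # constructed sample messages
        d = digest(m, bits)
        if d in seen and seen[d] != m:
            return seen[d], m, i + 1
        seen[d] = m
    raise RuntimeError("no collision within limit")


def collision_forges_signature(bits: int = TRUNC_BITS) -> bool:
    """A signature issued over message A is accepted for the colliding message B."""
    a, b, _ = find_collision(bits)
    sig_a = sign(a, bits)
    return a != b and verify(b, sig_a, bits)


if __name__ == "__main__":
    a, b, trials = find_collision()
    print(f"collision after {trials} hashes "
          f"(birthday estimate about {birthday_bound(TRUNC_BITS):.0f})")
    print(a)
    print(b)
    print("signature on A accepted for B:", verify(b, sign(a)))
    print(f"full SHA-1 generic bound: 2^80 ({birthday_bound(160):.3g}); reported attack: 2^69")
```

The search on a 32-bit digest typically succeeds after a few tens of thousands of hashes, matching the 2^(n/2) birthday estimate; scaling the same search to 160 bits gives the 2^80 figure quoted above, and the reported result lowers that to 2^69 by exploiting the structure of SHA-1 rather than by brute force.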

Although this should not give cause for immediate concern – 2 to the power of 69 operations is still a massive amount of processor time for a conventional attacker – attacks on hash functions only ever get better, and a theoretical breakthrough of this kind is usually the prelude to a practical one. The result is a collision attack: it lets an attacker prepare two documents that share a digest, and therefore a signature, but it does not by itself let anyone recover a message from its digest or find a second input matching an existing digest (a “preimage”), so uses that depend only on those properties, such as HMAC-SHA1, are not affected in the same way.

Only a week ago, William Burr, a security technology group manager at the National Institute of Standards and Technology (NIST), was reported as backing the continued use of the hashing scheme. “SHA-1 is not broken… and there is not much reason to suspect that it will be soon." Ideally its use should be phased out by 2010, he said.
