Putting The Cracking of SHA-1 in Perspective

    Date23 Jan 2007
    Posted ByBrittany Day
    SHA-1 is one of the most prevalent forms of a secure hash algorithm used in the legal and security industry. Now that Professor Xiaoyun Wang and her associates in Tsinghua University and Shandong University of Technology have officially cracked the SHA-1 hashing algorithm, the fallout will begin. This won't actually be due to security concerns for the most part, but the legal ramifications may be severe.

    A digital hash is basically a fingerprint of a data file. The perfect hashing algorithm will always produce a unique-enough finger print for a particular data stream that it is practically impossible to find a different data stream matching that finger print. Professor Wang did just that and found a different data stream with an identical finger print that matches the SHA-1 hash of the original data stream. While hashes have been broken before, the SHA-1 hash was published by the NIST in the1995 and was believed to be solid for a long time to come. But professor Wang surprised the cryptographic community in early 2005 with the announcement that she and her team had figured out a way to speed up the cracking process by more than 11 orders of magnitude.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).


    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.