[IP] SHA-1 cracked?

Ben Laurie ben at algroup.co.uk
Wed Feb 16 10:39:56 EST 2005


David Farber wrote:
> ------ Forwarded Message
> From: Rodney Joffe <rjoffe at centergate.com>
> Date: Wed, 16 Feb 2005 07:36:36 -0700
> To: Dave Farber <dave at farber.net>
> Subject: SHA-1 cracked?
> 
> For IP
> 
> Hi Dave,
> 
> Bruce Schneier is reporting in his blog that SHA-1 appears to have been
> broken by a Chinese group, and that is has collisions "in the the full SHA-1
> in 2**69 hash operations, much less than the brute-force attack of 2**80
> operations based on the hash length.".
> 
> This could have non-trivial implications for many current commercial
> operations.
> 
> http://www.schneier.com/blog/archives/2005/02/sha1_broken.html

A work factor of 2^69 is still a serious amount of work. At a thousand 
million trials a second, that's still well over 17 years. I doubt you 
can get anything like that speed without _serious_ expenditure. For 
reference, a middling PC can do around 200k single block SHA-1's a 
second. So, multiply that by 5 million to get it down to 17 years, 
assuming all you have to do is hash.

Of course, we don't have the details yet, but this is not the sky 
falling on our heads (yet).

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list