[Cryptography] Google announces concrete SHA-1 collision
Patrick Chkoreff
patrick at rayservers.net
Thu Feb 23 11:37:01 EST 2017
Derek Atkins wrote on 02/23/2017 10:55 AM:
> Hi,
>
> Just just came to my attention! I think this is (hopefully) the final
> nail in the SHA-1 coffin?
>
> https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
It's real:
patrick at laptop:~/Downloads$ ll shattered-*
-rw-rw-r-- 1 patrick patrick 422435 Feb 23 09:02 shattered-1.pdf
-rw-rw-r-- 1 patrick patrick 422435 Feb 23 09:03 shattered-2.pdf
patrick at laptop:~/Downloads$ cmp shattered-1.pdf shattered-2.pdf
shattered-1.pdf shattered-2.pdf differ: byte 193, line 8
patrick at laptop:~/Downloads$ gpg --print-md sha1 shattered-1.pdf
shattered-1.pdf: 3876 2CF7 F559 34B3 4D17 9AE6 A4C8 0CAD CCBB 7F0A
patrick at laptop:~/Downloads$ gpg --print-md sha1 shattered-2.pdf
shattered-2.pdf: 3876 2CF7 F559 34B3 4D17 9AE6 A4C8 0CAD CCBB 7F0A
-- Patrick
P.S. Naturally sha256 isn't fooled:
patrick at laptop:~/Downloads$ gpg --print-md sha256 shattered-1.pdf
shattered-1.pdf: 2BB787A7 3E37352F 92383ABE 7E290293 6D1059AD 9F1BA6DA
AA9C1E58
EE6970D0
patrick at laptop:~/Downloads$ gpg --print-md sha256 shattered-2.pdf
shattered-2.pdf: D4488775 D29BDEF7 993367D5 41064DBD DA50D383 F89F0AA1
3A6FF2E0
894BA5FF
More information about the cryptography
mailing list