[Cryptography] Google announces practical SHA-1 collision attack

[Peter Gutmann]

Michael Kjörling <michael at kjorling.se> writes:

> * Nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total
> * 6,500 years of CPU computation to complete the attack first phase
> * 110 years of GPU computation to complete the second phase

> Following Google’s vulnerability disclosure policy, we will wait 90
> days before releasing code that allows anyone to create a pair of
> PDFs that hash to the same SHA-1 sum given two distinct images with
> some pre-conditions.

I would also like to announce a collision for SHA-1.  Unlike Google's one, 
this one only takes about ten minutes on a fully functional quantum computer.

Following the same vulnerability disclosure policy, I will wait 90 days
before releasing code that allows anyone with their own fully functioning
quantum computer to create a pair of PDFs that hash to the same SHA-1 sum 
given two distinct images with some pre-conditions.

Peter.