LinuxQuestions.org
Old 02-18-2005, 11:12 AM   #1
mikeheggy
Member
 
Registered: Jan 2005
Posts: 37

Rep: Reputation: 15
SHA-1 Standard Cracked


Quote:
News that a nine-year-old encryption method--one that underlies the protection of virtually all secure online communications--appears to have been cracked by a team of three Chinese researchers has spurred encryption experts around the world to issue a call to action.
Full story here
 
Old 02-18-2005, 11:50 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
There have actually been several recent advances in breaking various cryptographic hashing algorithms in the last few months, with md5 and now sha1 being cracked. However, it's very important to understand the context in which these algorithms have been 'broken'. For both md5 and sha1, researchers have devised techniques for finding collisions significantly more often than should be allowed by chance alone. Using these techniques you can find 2 files that have identical cryptographic checksums or digital signatures. However, this still requires significant resources. Anecdotally (I have yet to actually read the sha1 paper), this will reduce the number of operations to 10^29, which is a significant failure in cryptographic terms, but in practical terms this is still an enormous amount. Some of the estimates I've seen state that a standard PC running for 1,000 years might identify a collision with this technique.

There are some areas such as legal fields and 3-letter gov't agencies where this may have profound effects, for example files digitally signed with md5 or SHA1 can no longer be considered to be 100% valid, as someone could generate a faked file with an identical hash. But for Joe Linux user depending on sha or md5 passwd hashes, this is not a serious issue. Though I wouldn't be shocked to see everyone moving to new encryption algorithms in the near future.
 
Old 02-19-2005, 10:37 AM   #3
TruckStuff
Member
 
Registered: Apr 2002
Posts: 498

Rep: Reputation: 30
Quote:
Originally posted by Capt_Caveman
Anecdotally (I have yet to actually read the sha1 paper), this will reduce the number of operations to 10^29, which is a significant failure in cryptographic terms, but in practical terms this is still an enormous amount. Some of the estimates I've seen state that a standard PC running for 1,000 years might identify a collision with this technique.
You mean 2**29. And from what I've read, the 2**29 operations is only under certain conditions, e.g. certain pieces of information are known and/or assumed correctly. The more realistic number is 2**69 operations, which is still far better than SHA1's previous strength of 2**80.

I read an interesting comment regarding the time it would take to crack an SHA1 sum. It might take an ordinary PC a few centuries to churn through all the needed calculations to find a collision, but the spread of botnets (PCs infected by a virus and connected to the internet) has changed that dramatically. If you have a network of say 1000 shiny new Dell 3GHz machines secretly crunching away on the numbers, the time to crack drops significantly. Now, even under the best operating environments, it would still take that network on the order of a decade or so, but it all rolls down hill from here.

Last edited by TruckStuff; 02-19-2005 at 10:38 AM.
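
The distinction drawn in the posts above (collisions versus forging a match for one fixed hash, and the generic 2**80 figure for a 160-bit digest) can be seen at toy scale. This is an added example, not part of the original thread: it truncates SHA-1 to a few bits, and the message formats and function names are constructed for illustration.

```python
import hashlib
from itertools import count

def trunc_sha1(msg: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-1(msg) as an integer (a toy n-bit hash)."""
    digest = int.from_bytes(hashlib.sha1(msg).digest(), "big")
    return digest >> (160 - bits)

def find_collision(bits: int):
    """Birthday search: ANY two distinct messages with the same toy hash.
    Expected work is about 2**(bits/2); at 160 bits that is the 2**80 bound."""
    seen = {}
    for i in count():
        msg = b"msg-%d" % i            # constructed sample messages
        h = trunc_sha1(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg

def find_second_preimage(target: bytes, bits: int, max_tries: int = 1 << 24):
    """Match ONE fixed hash (the password-hash situation).
    Expected work is about 2**bits, with no birthday shortcut."""
    want = trunc_sha1(target, bits)
    for i in range(max_tries):
        msg = b"guess-%d" % i
        if msg != target and trunc_sha1(msg, bits) == want:
            return msg, i + 1
    return None, max_tries

def compare(bits: int = 16):
    """Return the number of hash evaluations each search needed."""
    _, _, collision_tries = find_collision(bits)
    _, preimage_tries = find_second_preimage(b"constructed target", bits)
    return collision_tries, preimage_tries

if __name__ == "__main__":
    c, p = compare(16)
    print(f"16-bit toy hash: collision after {c} hashes (~2**8 expected)")
    print(f"16-bit toy hash: second preimage after {p} hashes (~2**16 expected)")
```

The gap between the two counts is why a faster collision search matters for signed documents, where the signer of one colliding file has effectively signed the other, while a stored hash of a value the attacker did not choose still requires the far more expensive second search.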
 
Old 02-19-2005, 12:55 PM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Cool. Thanks for the correction
 
Old 02-19-2005, 01:51 PM   #5
mikeheggy
Member
 
Registered: Jan 2005
Posts: 37

Original Poster
Rep: Reputation: 15
I guess I misinterpreted the meaning of the article...
 
Old 02-20-2005, 03:14 AM   #6
gr33ndata
Member
 
Registered: Aug 2003
Location: DMZ
Distribution: Ubuntu
Posts: 144

Rep: Reputation: 15
Was md5 broken too?
Also, shall normal users continue using SHA-1 in their IPSec VPN, Digital Signatures etc. or not?
By the way, which is more secure, MD5 or SHA-1?
 
Old 02-20-2005, 11:40 AM   #7
carboncopy
Senior Member
 
Registered: Jan 2003
Location: Malaysia
Distribution: Fedora Core, Slackware, Mac OS X, Debian, OpenSUSE
Posts: 1,210
Blog Entries: 4

Rep: Reputation: 45
Quote:
Originally posted by gr33ndata
Was md5 broken too?
Also, shall normal users continue using SHA-1 in their IPSec VPN, Digital Signatures etc. or not?
By the way, which is more secure, MD5 or SHA-1?
Trolling: Both MD5 and SHA-1 have collisions.

Check the posts:
http://www.schneier.com/blog/archive...nalysis_o.html
http://theory.csail.mit.edu/~yiqun/shanote.pdf

Very informative.
 
Old 02-20-2005, 10:31 PM   #8
TruckStuff
Member
 
Registered: Apr 2002
Posts: 498

Rep: Reputation: 30
Quote:
Originally posted by gr33ndata
Also, shall normal users continue using SHA-1 in their IPSec VPN, Digital Signatures etc. or not?
Everything that's been written thus far indicates that there is no immediate and pressing danger with SHA1. MD5 has certainly lost its luster in the last few months, but isn't dead yet. The important thing to note about the "cracking" of SHA1 and MD5 is that this was accomplished using specially crafted data sets. There is no indication that a collision has been shown to exist in real-world data.

I think the CTO of PGP put it best: "It's time to walk, not run, to the exits. The fire alarm has sounded, but there is no smoke yet."
 
Old 02-21-2005, 06:52 AM   #9
kermit
Member
 
Registered: Jul 2002
Location: Madrid. Spain
Distribution: considering ubuntu
Posts: 87

Rep: Reputation: 15
Some official info

http://www.pgp.com/news/sha1.html
 
  

