Background
Secure Hashing Algorithm 1 (SHA-1) is a message digest algorithm published in 1995 as part of NIST’s Secure Hash Standard. A hashing algorithm is considered secure only if it produces unique output for any given input and that output cannot be reversed (the function only works one-way).
Since 2005 there have been known collision attacks (where multiple inputs can produce the same output), meaning that SHA-1 no longer meets the security standards for a producing a cryptographically secure message digest.
For attacks against hashing algorithms, we have seen a pattern of attacks leading up to major real-world impacts:
Short history of MD5 Attacks
Source: Marc Stevens, Cryptanalysis of MD5 and SHA-1
It appears that SHA-1 is on a similar trajectory:
texto completo: Security Advisory 2880823: Recommendation to discontinue use of SHA-1
Secure Hashing Algorithm 1 (SHA-1) is a message digest algorithm published in 1995 as part of NIST’s Secure Hash Standard. A hashing algorithm is considered secure only if it produces unique output for any given input and that output cannot be reversed (the function only works one-way).
Since 2005 there have been known collision attacks (where multiple inputs can produce the same output), meaning that SHA-1 no longer meets the security standards for a producing a cryptographically secure message digest.
For attacks against hashing algorithms, we have seen a pattern of attacks leading up to major real-world impacts:
Short history of MD5 Attacks
Source: Marc Stevens, Cryptanalysis of MD5 and SHA-1
- 1992: MD5 published
- 1993: Pseudo-collision attack
- 2004: Identical-prefix collision found in 2^40 calls
- 2006: chosen-prefix collision found in 2^49 calls
- 2009: identical-prefix and chosen prefix optimized to 2^16 and 2^39 calls respectively, Rouge CA practical attacks implemented
It appears that SHA-1 is on a similar trajectory:
- 1995: SHA-1 published
- 2005: SHA-1 collision attack published in 2^69 calls
- 2005: NIST recommendation for movement away from SHA-1
- 2012: Identical-prefix collision 2^61 calls presented
- 2012: Chosen-prefix collision 2^77.1 calls presented
texto completo: Security Advisory 2880823: Recommendation to discontinue use of SHA-1