Chosen-Prefix Collision for SHA-1

SHA-1 is a Shambles (via Hacker News):

We have computed the very first chosen-prefix collision for SHA-1. In a nutshell, this means a complete and practical break of the SHA-1 hash function, with dangerous practical implications if you are still using this hash function. To put it in another way: all attacks that are practical on MD5 are now also practical on SHA-1. Check our paper here for more details.

See also: Bruce Schneier.

Previously:

• SHA-1 Collision

Update (2020-01-10): Git has been working on the SHA-1 problem since 2017, but it seems like the default behavior is still to use it. Here’s some information on the efforts. A recent post on the Git mailing list about the chosen-prefix collision did not generate much interest or a definitive statement.

Git iOS Mac Security SHA-1

1 Comment RSS · Twitter

Leave a Comment

Name

E-mail (will not be published)

Web site

Δ