More on Newly Broken SHA-1

Posted by CowboyNeal on Saturday February 19, 2005 @02:32AM from the all-hands-abandon-ship dept.

AnonymousStudent writes "Details are out about the reported broken SHA-1 hash function. The findings are that SHA-1 is not collision free and can be broken in 2^69 attempts instead of 2^80. This is about 2000 times faster. With todays computing power and Moores Law, a SHA-1 hash does not last too long. Using a modified DES Cracker, for the small sum of up to $38M, SHA-1 can be broken in 56 hours, with current computing power. In 18 months, the cost should go down by half. Jon Callas, PGP's CTO, put it best: 'It's time to walk, but not run, to the fire exits. You don't see smoke, but the fire alarms have gone off.' As Schneier suggests, 'It's time for us all to migrate away from SHA-1.' Alternatives include SHA-256 and SHA-512."

4 of 362 comments (clear)

Min score:

Reason:

Sort:

Re:2000 times faster? by rbarreira · 2005-02-19 02:37 · Score: 0, Redundant

No, it's 2^11 times faster, which is 2048 times faster... Rule:

a^n / a^m = a^(n-m)

--

The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
Re:2000 times faster? by Temporal · 2005-02-19 02:37 · Score: 0, Redundant

2^80 / 2^69 = 2^11 = 2048
Re:2000 times faster? by selectspec · 2005-02-19 02:38 · Score: 0, Redundant

2*2*2*2*2*2*2*2*2*2*2 = 2048 times faster

--
Someone you trust is one of us.
Re:The True Deadline by thebes · 2005-02-19 03:03 · Score: 0, Redundant

Why the hell to people quote Moore's law this way? Moore's law says FUCK ALL about chip speed. It talks about chip transistor density. We have already noticed that chip speed in the last while has slowed down. So where the hell do you get that in 18 months, Moore's law says it will cost 1/2 as much to perform the same calculations?