Slashdot Mirror

← Back to Stories (view on slashdot.org)

New, Faster Attack against SHA-1 Revealed

Posted by CowboyNeal on from the not-so-safe-anymore dept.

VxSote writes "According to Bruce Schneier's blog, a team of Chinese cryptographers has announced new results against SHA-1 that speed up the time required to find collisions compared to their previously published attack. Schneier says that a SHA-1 collision search is now 'squarely in the realm of feasibility,' and that further improvements are expected."

7 of 298 comments (clear)

  1. Is that the attack... by RevDobbs · · Score: 5, Funny

    Is that the same attack the chinese exchange student used in Lineage II?

  2. The world is collapsing around me! by frinkacheese · · Score: 5, Funny

    Next there will be massive ASIC machines crunching your PGP ciphertext and nobody will be able to proove anything until Lt Cmdr Data comes up with another Fractal Encryption algorythm that even the Borg cannot break.

  3. Big deal by That's+Unpossible! · · Score: 5, Funny

    All they did was look for a near-collision
    differential path which has low Hamming weight in the "disturbance vector" where each 1-bit represents a 6-step local collision. Then they simply adjusted the differential path in the first round to another possible differential path so as to avoid impossible consecutive local collisions and truncated local collisions. Then obviously the final step taken was to transform two one-block near-collision differential paths into a twoblock
    collision differential path with twice the search complexity.

    Duh...

    --
    Ironically, the word ironically is often used incorrectly.
    1. Re:Big deal by gardyloo · · Score: 5, Funny

      Invariant manifolds? You were lucky! We dreamed of invariant manifolds. We had to make do with symplectic diffeomorphisms of the torus, what with its four fixed points, you know, assuming that the eigenvalues of the Jacobi matrix are not equal to minus unity at any point... and we liked it.

  4. Security by bredk · · Score: 5, Funny

    I've just changed away from using SHA-1. Double ROT13 seems most appealing these days. ;)

    --
    http://slashdot.su/
    1. Re:Security by CRCulver · · Score: 5, Funny

      SHA-1 isn't a cipher, it's a hash algorithm. Therefore, it has nothing to do with encryption (like ROT13), but with authentication. Sorry to ruin your little joke, which has become a tired amusement lamely presented in every new Slashdot story on cryptography.

    2. Re:Security by cpeikert · · Score: 5, Funny

      Wait a minute, you don't sound sorry at all!