First Successful Collision Attack On the SHA-1 Hashing Algorithm

Artem Tashkinov writes: Researchers from Dutch and Singapore universities have successfully carried out an initial attack on the SHA-1 hashing algorithm by finding a collision at the SHA1 compression function. They describe their work in the paper "Freestart collision for full SHA-1". The work paves the way for full SHA-1 collision attacks, and the researchers estimate that such attacks will become reality at the end of 2015. They also created a dedicated web site humorously called The SHAppening.

Perhaps the call to deprecate the SHA-1 standard in 2017 in major web browsers seems belated and this event has to be accelerated.

Re:what about git?

[queazocotal]

Not quite.
This is not yet a full attack on SHA-1.
It cannot - yet - be used to generate a collision for any known hash.
It is an indication that you should move away from sha-1 as fast as you can.

Re:what about git?

[NotInHere]

No. That's second preimage attack. Collision is if you can chose multiple versions to map to the same hash.

Re:I won't be all that surprised...

[arglebargle_xiv]

People have been attacking SHA-1 since 2005.
https://en.wikipedia.org/wiki/...
No need for any conspiracy since people were warned about potential weaknesses in SHA-1 for a decade.

It's also important to point out that this is a free-start collision, where the attacker gets to choose the initial values, something that isn't possible with full SHA-1. This makes the attack much, much easier than an attack on full SHA-1. It took nearly a decade to go from the first free-start collision on MD5 to an actual attack, and MD5 was a much weaker function than SHA-1. Their estimate of "end of the year" may be a bit optimistic.