Slashdot Mirror


Deprecation of MD5 and SHA1 -- Just in Time? (threatpost.com)

mitcheli writes: If you're hanging on to the theory that collision attacks against SHA-1 and MD5 aren't yet practical, two researchers from INRIA, the French Institute for Research in Computer Science and Automation, have provided reason for urgency. They demonstrated a new series of transcript collision attacks centered on the SHA-1 and MD5 implementations in TLS 1.1, 1.2 and 1.3, along with IKEv1 and v2, and SSH 2. They say, "Our main conclusion is that the continued use of MD5 and SHA1 in mainstream cryptographic protocols significantly reduces their security and, in some cases, leads to practical attacks on key protocol mechanisms (PDF)." Of course, Mozilla officially began rejecting new SHA-1 certificates as of the first of the year. And as promised, there have been some usability issues. Mozilla said on Wednesday that various security scanners and antivirus products are keeping some users from reaching HTTPS websites.

4 of 87 comments

  1. You shouldn't use one hash. by queazocotal · Score: 1, Interesting

    hashmd5(data) is weak.
    hashsha1(data) is weak.
    hashsha1(hashmd5(data)) is strong, and unlikely to be attacked successfully unless your key data is too short.
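
Added example (not part of the comment above or of the linked paper): the outer hash in a nested construction only ever sees the inner digest, so two inputs that collide under the inner hash also collide under the nested one. To run offline in well under a second, this sketch assumes a constructed stand-in for a collision-weak inner hash (MD5 truncated to 3 bytes); the function names and sample messages are hypothetical.

```python
import hashlib
from itertools import count

# Constructed stand-in: keep only 3 bytes of MD5 so a collision can be found
# by a short birthday search instead of real MD5 collision tooling.
TRUNC = 3


def weak_inner(data: bytes) -> bytes:
    """Inner hash of the nested construction (deliberately collision-weak)."""
    return hashlib.md5(data).digest()[:TRUNC]


def nested(data: bytes) -> str:
    """Outer SHA-1 computed over the inner digest, as in sha1(md5(data))."""
    return hashlib.sha1(weak_inner(data)).hexdigest()


def direct_sha1(data: bytes) -> str:
    """SHA-1 over the message itself, for comparison."""
    return hashlib.sha1(data).hexdigest()


def find_inner_collision():
    """Birthday search: record each inner digest until one repeats."""
    seen = {}
    for i in count():
        msg = b"constructed-sample-%d" % i  # constructed sample input
        digest = weak_inner(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg


def demo():
    a, b = find_inner_collision()
    return a, b, nested(a), nested(b)


if __name__ == "__main__":
    a, b, na, nb = demo()
    print("inputs differ:        ", a != b)
    print("inner digests equal:  ", weak_inner(a) == weak_inner(b))
    print("nested digests equal: ", na == nb)
    print("direct SHA-1 differs: ", direct_sha1(a) != direct_sha1(b))
```
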

  2. Catch 22 by Geoffrey.landis · Score: 5, Interesting

    Wow, looks like Firefox has some real problems.
    From the link quoted: https://blog.mozilla.org/secur...

    How to tell if you’re affected
    If you can access this article in Firefox, you’re fine.

    So, if your Firefox is affected, they won't tell you about it. They'll only tell you if your Firefox is not affected.

    Later, same blog post:

    What to do if you’re affected
    The easiest thing to do is to install the newest version of Firefox. You will need to do this manually, using an unaffected copy of Firefox or a different browser, since we only provide Firefox updates over HTTPS.

    So, if your Firefox is affected, you can't upgrade it: you need to have the working version of Firefox to download a working version of Firefox.

    What a Catch 22! You can't know about the problem unless you already have fixed the problem, and you can't fix the problem... unless you have already fixed the problem.

    --
    http://www.geoffreylandis.com
    1. Re:Catch 22 by Anonymous Coward · Score: 2, Interesting

      People will notice; they will not be able to use their bank, for example. They will probably try reinstalling Firefox or, worse for Mozilla, install Chrome.

  3. Re:It Depends on Why You Are Using Hash Codes by Anonymous Coward · Score: 2, Interesting

    When transmitting a file over a LAN, WAN, or the Internet, however, SHA1 and MD5 are still useful to ensure that the file has not been corrupted (e.g., packets lost).

    That's error checking though, not cryptography. They're not saying these hashes are useless, just not a good idea in security.

    For use in encryption or for verifying that a file is authentic, SHA1 and MD5 should definitely be avoided.

    ... Also, those two hashes can be used to determine if two files in the same system are the same.

    That kind of sounds like you contradicted yourself there. (Maybe some minor semantic difference)