mailing list archives
Re: Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1)
From: Tim <tim-security () sentinelchicken org>
Date: Wed, 21 Mar 2007 12:24:35 -0400
On Wed, Mar 21, 2007 at 06:45:19PM +0300, 3APA3A wrote:
Dear Michael Silk,
First, by reading 'crack' I thought lady can recover full message by
it's signature. After careful reading she can bruteforce collisions 2000
Both of you guys are confused.
First off Michael: this is old news. It doesn't seem to indicate that
finding collisions is any faster than 2^63, which was reported quite
some time ago.
SHA-1 is 160 bit hash. Bruteforced 2000 times faster, it retains the
strength of 149-bit hash for bruteforce collision attack (150 bit for
birthday attack) by given text (MD5 is 128 bit). Great achievement. This
can only be treated seriously by US court, like it was with MD5 :)
Secondly, 3APA3A, birthday attacks against the collision-resistance
property of a hash take approximately 2^(b/2) time, where b is the
number of bits. That is, brute-force birthday attacks would take around
2^80 time against SHA-1. These attacks reduce the complexity to 2^63,
or thereabouts, at least from what I've read previously.
As for US courts... which case are you referring to (as I'd be
interested to read the results)? The only one I know of involving MD5
was an Australian case.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/