[16918] in cryptography@c2.net mail archive
Re: [IP] SHA-1 cracked?
daemon@ATHENA.MIT.EDU (Ben Laurie)
Thu Feb 17 07:58:08 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 16 Feb 2005 15:39:56 +0000
From: Ben Laurie <ben@algroup.co.uk>
To: dave@farber.net
Cc: Ip <ip@v2.listbox.com>, Cryptography <cryptography@metzdowd.com>
In-Reply-To: <BE38CF28.1AE30%dave@farber.net>
David Farber wrote:
> ------ Forwarded Message
> From: Rodney Joffe <rjoffe@centergate.com>
> Date: Wed, 16 Feb 2005 07:36:36 -0700
> To: Dave Farber <dave@farber.net>
> Subject: SHA-1 cracked?
>
> For IP
>
> Hi Dave,
>
> Bruce Schneier is reporting in his blog that SHA-1 appears to have been
> broken by a Chinese group, and that is has collisions "in the the full SHA-1
> in 2**69 hash operations, much less than the brute-force attack of 2**80
> operations based on the hash length.".
>
> This could have non-trivial implications for many current commercial
> operations.
>
> http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
A work factor of 2^69 is still a serious amount of work. At a thousand
million trials a second, that's still well over 17 years. I doubt you
can get anything like that speed without _serious_ expenditure. For
reference, a middling PC can do around 200k single block SHA-1's a
second. So, multiply that by 5 million to get it down to 17 years,
assuming all you have to do is hash.
Of course, we don't have the details yet, but this is not the sky
falling on our heads (yet).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
