Security News > 2020 > January > Hash snag: Security shamans shame SHA-1 standard, confirm crucial collisions citing circa $45k chip cost

Hash snag: Security shamans shame SHA-1 standard, confirm crucial collisions citing circa $45k chip cost
2020-01-08 22:21

Back in 2012, the same year America's National Institute of Standards Technology advised against using SHA-1 for applications that require collision resistance, cryptographer Bruce Schneier estimated that the cloud computing bill for carrying out a SHA-1 attack would be about $2.77m. And he projected the cost would fall to about $43,000 by 2021.

In their paper, Leurent and Peyrin put the theoretical cost at $11,000 for a SHA-1 collision and $45,000 for a chosen-prefix collision.

"SHA-1 is the default hash function used for certifying PGP keys in the legacy branch of GnuPG, and those signatures were accepted by the modern branch of GnuPG before we reported our results," they note.

OpenSSL developers, the researchers say, are considering disabling SHA-1 for the security level 1 setting, which calls for at least 80-bit security.

GitHub, Microsoft's hosted Git service, offered similar reassurance, noting in a blog post that it had implemented collusion detection for each hash it computes and that the open source Git project is developing a plan to move away from SHA-1.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/01/08/hash_slamming_security_shamans/