SHA1 Cracked :P
-
- PureBasic Expert
- Posts: 2812
- Joined: Fri Apr 25, 2003 4:51 pm
- Location: Portugal, Lisbon
SHA1 has been cracked by Chinese investigators...
You can read the whitepaper here: http://theory.csail.mit.edu/~yiqun/shanote.pdf
- Psychophanta
- Always Here
- Posts: 5153
- Joined: Wed Jun 11, 2003 9:33 pm
- Location: Anare
Re: SHA1 Cracked :P
What is SHA1 mainly used for? I know MD5 is used for verification, and RC4
is for encryption/decryption of sensitive data, but what about SHA1? Thanks.
I compile using 5.31 (x86) on Win 7 Ultimate (64-bit).
"PureBasic won't be object oriented, period" - Fred.
-
- Enthusiast
- Posts: 613
- Joined: Tue May 06, 2003 2:50 pm
- Location: Germany
No! sha1, md5 and similar are Hash algorithms.
They act as data fingerprints.
The routines are made in such a way to make it virtually
impossible for i.e two almost identical files, or two very "similar" passwords
to end up with the same hash.
It is one way only.
It is very popular, esp md5.
This forum for example uses md5 to store the passwords.
So when you log into this forum the php code uses the php function md5()
on your password, then compares that hash with the hash already stored in the forum database.
md5 and sha1 etc aren't really "encryption" they are just fingerprint/hash routines, and are one way.
So there is no way to reverse engineer a hash.
Although you could try hashing every word in the dictionary and thus compare hashes and that way "crack" a hashed password.
There are a few sites on the net where you can enter an md5 hash
and if that hash is of i.e a word or password that is found in a common dictionary you will be able to find out if it's a match or not.
When the news articles say that sha1 is "cracked" it isn't entirely true,
what they did was find collisions earlier than expected.
A collision in the case of md5 and sha1 simply means that
two files or two different data ended up with the exact same hash.
This is no serious problem for normal use,
i.e. for making a md5 or sha1 hash of a file
and use that as a file fingerprint to ensure a file hasn't been damaged
during transport or storage (same as CRC32 etc)
A collision COULD be bad, but remember that files also have filenames,
and different filesizes and dates and more.
And since collisions are so rare it's not an everyday "issue".
(usually files use CRC32 but that is only 32 bits, md5 is 128 bits and thus less likely for collisions, and sha1 is 160 bits)
The security issue with this is when md5 and sha1 are used to hash certificates etc. to ensure they are undamaged/unmodified.
The more "collisions" that are easily found,
the larger the chance that a black hat hacker or a cracker can
create a fake certificate but whose hash matches the original certificate's hash.
So md5 and sha1 are still secure "enough" just not as secure as one thought at first.
sha1 was supposed to be unbreakable and was made as a possible replacement for md5 (since it has 160 bits vs md5's 128 bits)
no hash will EVER be perfect. why? there is no way one could make a fingerprint of every possible file unique.
To do that you would literally have a hash as big as the file/data itself. *laughs*
Which would defeat the purpose of hash routines like crc32, md5, and sha1
that they are a small and easy/quick way to check the integrity of a file or data.
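An added example, not part of the original post or the forum's code: the unsalted md5() password storage described above next to a salted, iterated alternative (PBKDF2 from Python's hashlib), showing why a precomputed wordlist table matches the first and not the second. The wordlist, usernames and round count are constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist standing in for a "common dictionary".
COMMON_WORDS = ["password", "letmein", "dragon", "purebasic"]
PBKDF2_ROUNDS = 200_000  # assumed work factor; tune to your hardware


def md5_unsalted(password):
    """Storage scheme described in the post: hex MD5 of the password."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def pbkdf2_store(password, salt=None):
    """Salted, iterated storage, encoded as 'rounds$salt_hex$hash_hex'."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             salt, PBKDF2_ROUNDS)
    return "%d$%s$%s" % (PBKDF2_ROUNDS, salt.hex(), dk.hex())


def pbkdf2_verify(password, stored):
    """Recompute with the stored salt and compare in constant time."""
    rounds, salt_hex, hash_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk, bytes.fromhex(hash_hex))


def audit_unsalted(stored_hashes):
    """Flag accounts whose unsalted MD5 equals a precomputed wordlist hash.

    One table covers every account, because equal passwords always
    produce equal unsalted hashes.
    """
    table = {md5_unsalted(w): w for w in COMMON_WORDS}
    return {user: table[h] for user, h in stored_hashes.items() if h in table}


if __name__ == "__main__":
    db = {"alice": md5_unsalted("dragon"), "bob": md5_unsalted("dragon")}
    print("flagged by audit:", audit_unsalted(db))
    print("same password, salted:", pbkdf2_store("dragon"), pbkdf2_store("dragon"))
```

With a per-user salt, the same table lookup finds nothing: each stored value has to be recomputed separately, at the cost of the full round count per guess.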
The use of MD5 or SHA1 for integrity checks is no problem. But as Rescator wrote for (X.509) certificates there will be. Depending on the needed security level (e.g. for financial transactions) MD5 should not be used and SHA1 is not recommended for future use. The end of the SHA1 life cycle is in the near future.
For the experts read this article http://www.win.tue.nl/~bdeweger/Collidi ... -final.pdf about constructing colliding certificates.
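An added example, not from the thread or the linked papers: a generic birthday search on SHA-1 truncated to n bits, illustrating the point made above that collision resistance depends on digest length (roughly 2^(n/2) tries for an n-bit digest, and never more than 2^n + 1 by pigeonhole). The `file-N` inputs are constructed, and this is the generic bound, not the attack from the whitepaper.

```python
import hashlib
from itertools import count


def truncated_sha1(data, bits):
    """First `bits` bits of SHA-1(data), as an integer."""
    digest = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return digest >> (160 - bits)


def find_collision(bits):
    """Birthday search: return (msg_a, msg_b, tries).

    msg_a and msg_b are distinct inputs whose truncated hashes are equal.
    Every fingerprint seen so far is remembered, so the first repeat
    is found as soon as it occurs.
    """
    seen = {}
    for i in count():
        msg = b"file-%d" % i          # constructed, distinct inputs
        tag = truncated_sha1(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg


if __name__ == "__main__":
    # 32 bits matches the CRC32 size mentioned in the thread.
    for bits in (16, 24, 32):
        a, b, tries = find_collision(bits)
        print("%2d-bit digest: %r and %r collide after %d tries "
              "(2^(n/2) = %d)" % (bits, a, b, tries, 2 ** (bits // 2)))
```

Each extra 8 bits of digest multiplies the work by about 16, which is why a 32-bit check is only suitable for catching accidental damage while 128-bit and 160-bit digests were designed to resist deliberate collisions.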
AKA Bruteforcing. Although you could try hashing every word in the dictionary and thus compare hashes and that way "crack" a hashed password.
It's the only method I know for MD5 at least.
There's a couple of bruteforcing tools for md5 out there (since some years ago, but at that time when I tried to bruteforce a md5 hash, it was taking 30 hours already and no luck, because of slow processors at those days, now it would take less or about that to bruteforce a md5 hash).
Hey, sometimes it is needed as an admin, you know what I mean.