Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 02-16-2005, 19:07
Anticode Anticode is offline
Friend
 
Join Date: Jan 2002
Posts: 49
Rept. Given: 24
Rept. Rcvd 6 Times in 6 Posts
Thanks Given: 22
Thanks Rcvd at 24 Times in 8 Posts
Anticode Reputation: 6
SHA1 has been broken!

more info at
h__P://www.schneier.com/blog/archives/2005/02/sha1_broken.html
Reply With Quote
  #2  
Old 02-16-2005, 21:00
ilyacr
 
Posts: n/a
It not news.Programs using SHA1 for a long time keygenned.
Example keygen sha1 in attach.
Attached Files
File Type: rar keygen.rar (20.3 KB, 26 views)
Reply With Quote
  #3  
Old 02-16-2005, 23:46
SheepShagger's Avatar
SheepShagger SheepShagger is offline
Friend
 
Join Date: Jan 2002
Location: UK
Posts: 58
Rept. Given: 2
Rept. Rcvd 6 Times in 1 Post
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
SheepShagger Reputation: 6
It is broken in the academic sense that "only" 2^69 operations are required to find a collision on a SHA-1 hashed message as opposed to the 2^80 the designers originally thought.

2^69 is still a huge number so if your secrets are of no interest to a major government/corporation I wouldn't run screaming just yet. You still have the option of other SHA variants (256, 384, 512) or, even better, other algorithms like RIPEMD or (my personal favorite) Whirlpool.

Nevertheless, it's an impressive accomplishment for the Chinese research team
Reply With Quote
  #4  
Old 02-17-2005, 02:58
CrackZ CrackZ is offline
VIP
 
Join Date: Sep 2004
Posts: 50
Rept. Given: 2
Rept. Rcvd 66 Times in 8 Posts
Thanks Given: 0
Thanks Rcvd at 14 Times in 8 Posts
CrackZ Reputation: 67
I'm with the NSA (not in a literal sense though).

"the attacks will only get better"

Like SheepShagger says though, the practicle application of this break is likely to be negligle to all but a few and if you haven't p*ssed off any major foreign powers anytime recently you'll probably be safe ;-).

Regards

CrackZ.
Reply With Quote
  #5  
Old 02-17-2005, 03:07
D-Jester's Avatar
D-Jester D-Jester is offline
VIP
 
Join Date: Nov 2003
Location: Ohio, USA
Posts: 269
Rept. Given: 39
Rept. Rcvd 61 Times in 41 Posts
Thanks Given: 0
Thanks Rcvd at 4 Times in 4 Posts
D-Jester Reputation: 61
Question

Quote:
Originally Posted by SheepShagger
It is broken in the academic sense that "only" 2^69 operations are required to find a collision on a SHA-1 hashed message as opposed to the 2^80 the designers originally thought.
I am quite the idiot when it comes to encryption, would it be possible for you to explain what exactly a collision is?

Thanks
__________________
Even as darkness envelops and consumes us, wrapping around our personal worlds like the hand that grips around our necks and suffocates us, we must realize that life really is beautiful and the shadows of despair will scurry away like the fleeting roaches before the light.
Reply With Quote
  #6  
Old 02-17-2005, 03:23
ArC ArC is offline
VIP
 
Join Date: Jan 2003
Location: NTOSKRNL.EXE
Posts: 172
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 5
Thanks Rcvd at 17 Times in 12 Posts
ArC Reputation: 1
A Collision occurs when two messages produce the same hash.
Reply With Quote
  #7  
Old 02-17-2005, 03:41
D-Jester's Avatar
D-Jester D-Jester is offline
VIP
 
Join Date: Nov 2003
Location: Ohio, USA
Posts: 269
Rept. Given: 39
Rept. Rcvd 61 Times in 41 Posts
Thanks Given: 0
Thanks Rcvd at 4 Times in 4 Posts
D-Jester Reputation: 61
Quote:
Originally Posted by ArC
A Collision occurs when two messages produce the same hash.
So by producing the same hash, you have found the correct values to decrypt the message?
__________________
Even as darkness envelops and consumes us, wrapping around our personal worlds like the hand that grips around our necks and suffocates us, we must realize that life really is beautiful and the shadows of despair will scurry away like the fleeting roaches before the light.
Reply With Quote
  #8  
Old 02-17-2005, 04:30
Grabenhund
 
Posts: n/a
Yep, pretty much D-Jester. One collision in 2**69 operations... that's quite minimal. Sure, for signatures, it means that you can't trust the algorithm 100% anymore. But for storing passwords, and other operations where collisions are not important, it doesn't matter much, even if there's another password that can generate the same hash, you still need to brute-force it.
Reply With Quote
  #9  
Old 02-17-2005, 05:03
SheepShagger's Avatar
SheepShagger SheepShagger is offline
Friend
 
Join Date: Jan 2002
Location: UK
Posts: 58
Rept. Given: 2
Rept. Rcvd 6 Times in 1 Post
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
SheepShagger Reputation: 6
Not quite. A (cryptographic) hash is not the encrypted message but rather the message's 'fingerprint'. For example:

The SHA-1 hash of "SheepShagger" is 0x03009B1F75C4D6FA9DA6C9A83C615D09DE99CEA2. If the message is altered in any way the hash will be completely different, so "Sheep-Shagger" will produce 0xCA76C00D3355B8B56AED7EF575FC827E20814EDB.

Because hashing algorithms are the building blocks of cryptographic systems, finding any weakness is significant as it undermines the systems that rely on them, but it doesn't necessarily make them unsafe. In this case it probably means that new crypto systems will not use SHA-1 anymore.

A great (and free!) book about all things crypto is Handbook of Applied Cryptography available at h++p://www.cacr.math.uwaterloo.ca/hac/

Last edited by SheepShagger; 02-17-2005 at 05:07.
Reply With Quote
  #10  
Old 02-17-2005, 07:13
tbone
 
Posts: n/a
In cryptography, hashes are primarily used for signing things, which makes them very important for trust relationships. The most common example would be signing an email with a program like PGP. In general, this is done by encrypting the text with your private key. It will only decrypt properly with your public key, which means that anyone who has your public key can verify that the document really came from you.

But, this isn't actually how things go down. It's a bad idea to encrypt large amounts of known text with your private key because in theory someone might be able to reverse your key if they had enough data. So instead, the text that you want to sign is hashed to a much shorter value, and then the hash is what gets encrypted by your private key as the signature. This works well enough in theory, but the problem is this:

When you sign a hash, you are effectively signing every document that could ever be written which would generate that hash. If someone knows how to create a deliberate collision, they could replace the text you "signed" with another message which generates the same hash. No one would be able to tell which text you really meant to sign because you signed the hash, not the text.

There are lots of other applications for hashes in cryptography, most of which deal with verifying the identity of someone or something. For example, hashes are used to verify that a public key really belongs to the person it claims to belong to. The key is too long for humans to easily compare, so you would call me up or meet me in person and ask me for a hash of my public key. The hash would be short and easy, so I would read it to you and you would compare it to the hash of the key you have. If they match, you would assume that the keys were the same. If someone could generate a public key which hashes to the same value as my public key, they could pass off their key as my own, and probably no one would notice the switch.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SHA1 preimage SAT solver chants Source Code 0 08-02-2020 07:11
SHA1 Collider TechLord General Discussion 0 03-01-2017 07:06
softice is broken after installing WindowsXP-KB890859-x86-ENU.exe jonwil General Discussion 2 04-24-2005 20:23


All times are GMT +8. The time now is 21:46.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )