M32 Security » md4 http://m32consulting.com Network Security Info, News, and Resources Sun, 22 Jan 2012 23:37:02 +0000 en hourly 1 SHA-1 hash collision predicted within the yearhttp://m32consulting.com/2009/06/sha-1-hash-collision-predicted-within-the-year/?utm_source=rss&utm_medium=rss&utm_campaign=sha-1-hash-collision-predicted-within-the-year http://m32consulting.com/2009/06/sha-1-hash-collision-predicted-within-the-year/#comments Wed, 17 Jun 2009 03:02:41 +0000 Kyle http://m32consulting.com/?p=30 Bruce Schneier writes about a new cryptanalysis attack published recently brings the SHA-1 hashing algorithm increasingly closer to a realistic collision. Considering the SHA-1 algorithm is designed closeley to the principles of MD4 and MD5 hashing algorithms, it seems not a question of if, but a question of when. Bruce writes:

A new attack can, at least in theory, find collisions in 252 hash operations — well within the realm of computational possibility. Assuming the cryptanalysis is correct, we should expect to see an actual SHA-1 collision within the year.

This has little immediate real-world implications on data security since most have moved on to stronger or the SHA-2 family of algorithms which, for now, are safe. Nontheless, the NIST has already begun development on a “SHA-3″ algorithm with publication to be expected in 2012.

More on Bruce Schneier’s blog post.

Tags: , , , , , , , , , , , , , , ,
]]> http://m32consulting.com/2009/06/sha-1-hash-collision-predicted-within-the-year/feed/ 0