top of page

SHA-1 is Not Secure

Recently word has spread that the SHA-1 hashing algorithm is no longer secure. A comparatively cost-effective way has been found to to create specific files with duplicate SHA-1 hash values. Gaetan Leurent and Thomas Peyrin's paper, From Collisions to Chosen-Prefix Collisions Application to Full SHA-1, has shown that a 'chosen-prefix' collision attack is possible. A 'chosen-prefix' attack allows an attacker to create two files with substantive data inside that collide - or have the same SHA-1 hash value. The authors estimate that a SHA-1 collision attack can be achieved for as little as $110,000. The paper states that, " . . . our results show that, for some hash functions, chosen-prefix collision attacks are much easier than previously expected, and potentially not much harder than a normal collision search"

A normal collision attack simply involves finding two different messages which have equal hash values. A chosen-prefix involves finding where two prefixes when each added separately to different appendages produce the same hash value. A preimage attack aims for creating a specific hash value.

While it still may be used to identify duplicate files in electronic discovery, the SHA-1 algorithm has to be phased out of its use in the transport layer security (TLS) and secure socket layer (SSL) protocols used for communication across networks, and in PGP encryption. Leurent and Peyrin note that chosen -prefix collisions have been known to break digital certificates by imitating certificate authorities.

bottom of page