«
»

February 16th, 2005

SHA-1 broken

»

From Bruce Schneier:

SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing.

The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper announcing their result

SHA is a US standard hash function which is used in a lot of security application. (SHA-1 is also published as RFC 3174). How bad this news depend how easily to find the collision but we dont know until the papers are made public; But according to Bruce, looks like it still requires some brute-force but just (a lot ) less of it.

This entry was posted on Wednesday, February 16th, 2005 at 10:56 am and is filed under Technology. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

Comments are closed.