HN – The first chosen-prefix collision for SHA-1

Secrets From the Future, by MC Frontalot, as mentioned by @WorldMaker.

You can’t hide secrets from the future with math.
You can try, but I bet that in the future they laugh
at the half-assed schemes and algorithms amassed
to enforce cryptographs in the past.

Hitting the front page of Hacker News: a team of cryptographers (Gaëtan Leurent and Thomas Peyrin) has computed the first chosen-prefix collision for SHA-1. We recommend you read both the linked page and the comments. A summary follows.

True to form, cryptographers tend to use hyperbolic language to describe newly found vulnerabilities. Case in point, from the GitHub page reporting this finding:

  • The title alone: “SHA-1 is a Shambles”
  • “We have computed the very first chosen-prefix collision for SHA-1. In a nutshell, this means a complete and practical break of the SHA-1 hash function…”
  • “SHA-1 has been broken for 15 years, so there is no good reason to use this hash function in modern security software.” (A stretch: the 15 years count from the first theoretical collision attacks of 2005, by Wang, Yin and Yu, which needed about 2^69 work. A freestart collision on the compression function followed in 2015, and the first practical full collision, SHAttered, was not demonstrated until 2017.)

No doubt this is an interesting and potentially ground-breaking discovery.
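To make concrete what “chosen-prefix collision” means in the quote above, here is an added example; it is not code from the paper or from the Shambles site. It builds a toy Merkle-Damgård hash with a 32-bit state, finds a chosen-prefix collision for two arbitrary headers by a birthday search, and then shows why such a collision is a “complete break”: once the internal states agree, any data appended to both documents keeps them colliding, which is what lets a single signature cover two different certificates or PGP keys. The toy hash, the zero filler, the 32-bit brute-force search and the sample headers are all assumptions of this example; the real attack needs roughly 2^63 SHA-1 computations and differential cryptanalysis rather than a birthday search.

```python
import hashlib
import struct

# Toy Merkle-Damgard hash, for illustration only: a 32-bit chaining value
# and 8-byte blocks, so collisions are cheap to find by brute force.
# Real SHA-1 has a 160-bit state and 64-byte blocks, and the Leurent-Peyrin
# attack needs roughly 2^63 SHA-1 computations, not a birthday search.
STATE_LEN = 4
BLOCK_LEN = 8
IV = b"\x00" * STATE_LEN


def compress(state: bytes, block: bytes) -> bytes:
    """Toy compression function: SHA-256 of (state || block), truncated."""
    return hashlib.sha256(state + block).digest()[:STATE_LEN]


def chain(state: bytes, data: bytes) -> bytes:
    """Absorb whole blocks; len(data) must be a multiple of BLOCK_LEN."""
    assert len(data) % BLOCK_LEN == 0
    for i in range(0, len(data), BLOCK_LEN):
        state = compress(state, data[i:i + BLOCK_LEN])
    return state


def toy_hash(msg: bytes) -> bytes:
    """Merkle-Damgard strengthening: 0x80, zero fill, 32-bit bit length."""
    padded = msg + b"\x80"
    padded += b"\x00" * ((-(len(padded) + 4)) % BLOCK_LEN)
    padded += struct.pack(">I", len(msg) * 8)
    return chain(IV, padded)


def align_pair(p1: bytes, p2: bytes):
    """Zero-fill both prefixes to the same block boundary (attacker filler).

    Equal length matters: the length is part of the padding, so two
    messages of different length would not share their final block."""
    n = max(len(p1), len(p2))
    n += (-n) % BLOCK_LEN
    return p1.ljust(n, b"\x00"), p2.ljust(n, b"\x00")


def chosen_prefix_collision(p1: bytes, p2: bytes):
    """Given two arbitrary prefixes, return m1 = p1||filler||s1 and
    m2 = p2||filler||s2, equal in length, with equal chaining state.
    Birthday search over the 32-bit state: about 2^17 compressions."""
    p1, p2 = align_pair(p1, p2)
    st1, st2 = chain(IV, p1), chain(IV, p2)
    table = {}
    for i in range(1 << 16):
        s1 = struct.pack(">Q", i)
        table[compress(st1, s1)] = s1
    for j in range(1 << 32):
        s2 = struct.pack(">Q", j)
        h = compress(st2, s2)
        if h in table:
            return p1 + table[h], p2 + s2
    raise RuntimeError("no collision found")


def demo():
    """Constructed sample: two documents with different, chosen headers."""
    p1 = b"Certificate for: alice@example.org"
    p2 = b"Certificate for: mallory@example.org"
    m1, m2 = chosen_prefix_collision(p1, p2)
    same_hash = toy_hash(m1) == toy_hash(m2)
    # Merkle-Damgard: equal state plus identical appended data gives an
    # equal hash, so a signature over m1||tail also covers m2||tail.
    tail = b"\nvalid-until: 2030-01-01\n"
    same_with_tail = toy_hash(m1 + tail) == toy_hash(m2 + tail)
    return m1, m2, same_hash, same_with_tail


if __name__ == "__main__":
    m1, m2, same, same_tail = demo()
    print(m1, m2, same, same_tail)
```

The distinction the quote turns on: an identical-prefix collision (SHAttered, 2017) only lets the attacker choose one shared prefix and then find two colliding blocks, while a chosen-prefix collision lets both prefixes be picked independently, which is the shape needed to forge a key or certificate for an identity of the attacker's choosing.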

If the spectrum of responses runs from “The world is ending” at one end to “It’s hyperbole” at the other, with “Security is hopeless” in the middle, the Hacker News comments have it covered:

  • Security is hopeless: “…the feeling is related to not being able to rely on anything in our field. Hard to justify going to the trouble of encrypting your backup…nothing seems to work in the long run.”
  • It’s hyperbole: “Why are cryptographers always exaggerating things and so out of touch with reality? The first actual collision was like 3 years ago. It’s not like the world has been on fire in the meantime, and it’s not like SHA-1 is broken for every single possible usage even now. And why the nonsense with “no good reason”? Obviously performance is one significant consideration for the unbroken use cases. Do they think painting a different reality than the one we live in somehow makes their case more compelling?”
  • The world is ending: “Since SHA-1 was always possible to break, and since NSA probably gets access to big computers and sophisticated techniques before researchers, why doesn’t this invalidate every SHA-1 signature ever made and not just ones from last year?”

As always, read the sources for yourself and form your own judgement: the summary page and the original paper.
