Weakness Discovered in Widely Used Process for Digital Signatures
As reported today, Chinese scientists have discovered a theoretical weakness in SHA-1, one of the most widely used hash algorithms. My soapbox just got a bit sturdier. Who is going to assume responsibility for this risk in transactions or systems based upon SHA-1 (or for the cost of switching technology over to a newer, more secure system)?
The following snippet from the CNET article makes my point:
To computer scientists, the SHA and MD5 algorithms are known as hash functions. They take all kinds of input, from an e-mail message to an operating-system kernel, and generate what's supposed to be a unique fingerprint. Changing even one letter in the input file should result in a completely different fingerprint.
Security applications rely on these fingerprints being unique. But if a malicious attacker could generate the same fingerprint with a different input stream, the cloned fingerprint--known as a hash collision--would certify that software with a back door is safe to download and execute.
That would help a crook who wanted to falsely sign an e-mail instructing that someone's bank account be emptied. Or a digitally signed contract could, in theory, be altered but appear valid.
Link to the CNET Article here.
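The two properties the CNET passage describes, the one-letter avalanche and the way a signature over a document really only covers its digest, can be seen directly. The following is an added example, not code from the original post or the CNET article. The e-mail text and key are constructed for illustration, and the signing primitive is an HMAC stand-in (an assumption made to keep the script self-contained; a real scheme would apply RSA or ECDSA to the same digest, and the structural point is identical).

```python
"""Added example: avalanche effect and hash-then-sign in Python's hashlib.

Shows (1) that changing one letter of a message flips roughly half of the
SHA-1 digest bits, and (2) that a hash-then-sign signature verifies any
message with the same digest, which is exactly why a collision attack on
SHA-1 translates into a forged signature on a different document.
"""
import hashlib
import hmac

# Constructed sample input: a payment instruction and a one-letter edit.
ORIGINAL = b"Please transfer $100 from account 4471 to account 9902 today."
ALTERED = b"Please transfer $900 from account 4471 to account 9902 today."
# Constructed signing key (stand-in for a private key; not real key material).
KEY = b"demo-signing-key-not-for-production"


def fingerprint(data: bytes, algo: str = "sha1") -> str:
    """Hex digest of data under the named hashlib algorithm."""
    return hashlib.new(algo, data).hexdigest()


def bit_difference(hex_a: str, hex_b: str) -> int:
    """Number of differing bits between two equal-length hex digests."""
    if len(hex_a) != len(hex_b):
        raise ValueError("digests must be the same length")
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def avalanche(original: bytes, altered: bytes, algo: str = "sha1"):
    """Return (digest_a, digest_b, differing_bits, total_bits) for two inputs.

    For an unbroken hash, a one-letter change should flip about half the
    bits (about 80 of 160 for SHA-1, about 128 of 256 for SHA-256).
    """
    fa = fingerprint(original, algo)
    fb = fingerprint(altered, algo)
    return fa, fb, bit_difference(fa, fb), len(fa) * 4


# --- hash-then-sign model -------------------------------------------------
# The signer never signs the message itself, only its digest.  The verifier
# therefore cannot tell two messages apart once their digests coincide.

def sign_digest(digest: bytes, key: bytes) -> bytes:
    """HMAC stand-in for a public-key signature over a digest (assumption)."""
    return hmac.new(key, digest, "sha256").digest()


def verify_digest(digest: bytes, signature: bytes, key: bytes) -> bool:
    """Constant-time check of a signature against a digest."""
    return hmac.compare_digest(sign_digest(digest, key), signature)


def sign(message: bytes, key: bytes, algo: str = "sha1") -> bytes:
    """Hash-then-sign: the signature binds only hash(message)."""
    return sign_digest(hashlib.new(algo, message).digest(), key)


def verify(message: bytes, signature: bytes, key: bytes, algo: str = "sha1") -> bool:
    """Verification recomputes the digest and checks the signature on it.

    Any second message with the same digest (a collision) would pass here
    unchanged; the verifier has no other view of the message.
    """
    return verify_digest(hashlib.new(algo, message).digest(), signature, key)


if __name__ == "__main__":
    for algo in ("sha1", "sha256"):
        fa, fb, diff, total = avalanche(ORIGINAL, ALTERED, algo)
        print(f"{algo}: {fa}\n{' ' * len(algo)}  {fb}\n"
              f"{' ' * len(algo)}  {diff} of {total} bits differ")
    sig = sign(ORIGINAL, KEY)
    print("original verifies:", verify(ORIGINAL, sig, KEY))
    print("altered verifies: ", verify(ALTERED, sig, KEY))
    # The signature is accepted for the bare digest alone, which is all a
    # colliding document would need to present.
    print("digest alone verifies:",
          verify_digest(hashlib.sha1(ORIGINAL).digest(), sig, KEY))
```

Run as a script it prints both digests, the bit count that changed, and the three verification results. The `algo` parameter is there so the same code can be pointed at SHA-256 when the switch-over the post asks about is made; nothing else in the signing path has to change, which is the cheap part of the migration. The expensive part is every stored signature and certificate that already commits to a SHA-1 digest.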