Research Duo Showcases First-Ever SHA-1 Chosen-Prefix Collision Attack



techrepublic cheat sheet



Attacks on the SHA-1 hashing algorithm just got a lot more dangerous last week with the discovery of the first-ever "chosen-prefix collision attack," a more practical version of the SHA-1 collision attack first carried out by Google two years ago.


What this means is that SHA-1 collision attacks can now be carried out with custom inputs, and they're not just accidental mishaps anymore, allowing attackers to target certain files to duplicate and forge.


SHA-1 collision attacks


The SHA-1 hashing function was theoretically broken in 2005; however, the first successful collision attack in the real world was carried out in 2017.


Two years ago, academics from Google and CWI produced two files that had the same SHA-1 hash, in the world's first ever SHA-1 collision attack --known as "SHAttered."


Cryptographers predicted SHA-1 would be broken in a real-world scenario, but the SHAttered research came three years earlier than they expected, and also cost only $110,000 to execute using cloud-rented computing power, far less than what people thought it might cost.





Image: Google

SHA-1 chosen-prefix attacks




But last week, a team of academics from France and Singapore has taken the SHAttered research one step further by demonstrating the first-ever SHA-1 "chosen-prefix" collision attack, in a new research paper titled "From Collisions to Chosen-Prefix Collisions - Application to Full SHA-1."


"Finding a practical collision attack breaks the hash function badly of course, but the actual damage that can be done with such a collision ..