-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/25/2017 04:29 PM, bbrewer wrote:
On Feb 23, 2017, at 10:18 PM, Marina Brown <catskillmarina@gmail.com> wrote:
What does it take to create 2 keys with the same SHA-1 sum ? My limited imagination thinks it would take a long time or a huge amount of processing power.
— Marina
"Who is capable of mounting this attack? This attack required over 9,223,372,036,854,775,808 SHA1 computations. This took the equivalent processing power as 6,500 years of single-CPU computations and 110 years of single-GPU computations.”
Or in other words, just 110 GPUs can find the same collision in a year; 40,000 can do it in a day. When one's threat model includes State and Corporate actors, that's not so good. In the context of security as a spending contest, weighing the cost of defending an asset vs. the cost of compromising the asset, SHA1 is not broken except in a few cases involving very value assets and very motivated attackers. But the security of SHA1 will continue to decline over time as number crunching gets cheaper, and a tipping point is coming. I figure bits are cheap and so is the "authorized users" end of crypto maths; bigger hashes (and keys) are harmless at worst and /may/ defeat attacks one does not suspect an adversary has. So rolling in SHA-2 could be a "now" thing. Figuring out when to deprecate then EOL SHA-1 is the remaining open question. :o) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJYsf/wAAoJEECU6c5XzmuqmsEH/30NhOD76o48atYKy+d6c7so z10oTDkJGZNzQvXdNiK2NMixFzJLkv1f/e/2Xr8aa+ml+jIQ+V6P+Ct7m+3FLrN9 XG8jlOPTsjdfgAZF97d6tti7qCVJWF5eBO/8zKdIT29BX4THE4zd7btUxiJmgFUi tIwYHqewKA5aZbKcGrPskcF2RkvY8O2M7T8oRaRSLW/H8xlkT0TR7s3cjh9sSeTq AzD+NHnfjrMiEEoV8+r4IxCxUeyeDTSASiKME6iYcU/JLj0vfG3dECmPcXofaKh9 I5sEFaYq93dz6J/huf5aph86TaPxMYJjDHJhmJeMtKBSFb6rt/sOZwoqaQIRPmU= =rcPW -----END PGP SIGNATURE-----