Hacks: Smashing SHA-1 to Shambles for less than 1BTC
Sangy
sangy at riseup.net
Wed Dec 30 10:08:14 PST 2020
1. This is old news
2. This particular type of collision is detectable by sha1dc (which is
use by git) last time I checked.
-S
On Wed, Dec 30, 2020 at 04:07:26PM +0000, coderman wrote:
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Wednesday, December 30, 2020 6:04 AM, grarpamp <grarpamp at gmail.com> wrote:
>
> > https://eprint.iacr.org/2020/014
> > SHA-1 is a Shambles - First Chosen-Prefix Collision on SHA-1 and
> > Application to the PGP Web of Trust
> > ... We managed to significantly reduce the
> > complexity of collisions attack against SHA-1: on an Nvidia GTX 970,
> > identical-prefix collisions can now be computed with a complexity of
> > 261.2 rather than 264.7, and chosen-prefix collisions with a
> > complexity of 263.4 rather than 267.1. When renting cheap GPUs, this
> > translates to a cost of 11k US\$ for a collision, and 45k US\$ for a
> > chosen-prefix collision, within the means of academic researchers. Our
> > actual attack required two months of computations using 900 Nvidia GTX
> > 1060 GPUs (we paid 75k US\$ because GPU prices were higher, and we
> > wasted some time preparing the attack).
> > Therefore, the same attacks that have been practical on MD5 since 2009
> > are now practical on SHA-1. In particular, chosen-prefix collisions
> > can break signature schemes and handshake security in secure channel
> > protocols (TLS, SSH).
>
>
> someone could warm some GPUs and really make a mess of commits to public repos. (yes, git uses SHA1 :)
>
> see also https://github.com/bk2204/git/blob/transition-stage-4/Documentation/technical/hash-function-transition.txt
>
>
> best regards,
More information about the cypherpunks
mailing list