找回密码
 新注册用户
搜索
查看: 11016|回复: 0

继MD5之后,SHA-1晚节不保

  [复制链接]
发表于 2005-2-18 13:47:13 | 显示全部楼层 |阅读模式
虽然还是需要进行2**69次hash操作,但是原本需要2**80的……

详见:
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html

February 15, 2005

SHA-1 Broken

SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing.

The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper describing their results:

          ●collisions in the the full SHA-1 in 2**69 hash operations, much less than the brute-force attack of 2**80 operations based on the hash length.

          ●collisions in SHA-0 in 2**39 operations.

          ●collisions in 58-round SHA-1 in 2**33 operations.

This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result. It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn't affect applications such as HMAC where collisions aren't important).

The paper isn't generally available yet. At this point I can't tell if the attack is real, but the paper looks good and this is a reputable research team.

More details when I have them.

Posted on February 15, 2005 at 07:15 PM
编辑:修复了楼主给出的链接

[ Last edited by wpolly on 2005-2-18 at 07:01 PM ]
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 新注册用户

本版积分规则

论坛官方淘宝店开业啦~
欢迎大家多多支持基金会~

Archiver|手机版|小黑屋|中国分布式计算总站 ( 沪ICP备05042587号 )

GMT+8, 2024-12-2 04:01

Powered by Discuz! X3.5

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表