U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Research Results on SHA-1 Collisions
February 24, 2017

On Thursday, February 23rd, Google announced  that a team of researchers from the CWI Institute in Amsterdam and Google have successfully demonstrated an attack on the SHA-1 hash algorithm by creating two files that hash to the same value. 

Their results further emphasize the need to migrate to stronger hash algorithms for digital signatures and other applications that require collision resistance. 

NIST deprecated the use of SHA-1 in 2011  and disallowed its use for digital signatures at the end of 2013, based on both the Wang, et. al, attack and the potential for brute-force attack.  To ensure that practitioners have secure and efficient hash algorithms to provide long-term security, NIST organized an international competition to select a new hash algorithm standard, SHA-3, which is specified in FIPS 202.

Government and industry have made great strides to migrate from SHA-1 to the stronger hash algorithms in the SHA-2 and SHA-3 families.  Those who have not done so yet should migrate as soon as possible.

The work by the CWI-Google team is the culmination of over a decade of research into the SHA-1 algorithm, beginning with the groundbreaking paper by Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu in 2005  that described the first cryptanalytic techniques capable of finding collisions with much less work than brute force.  Cryptographers around the world continued to improve upon these techniques.  The techniques used by this attack were developed by Marc Stevens, one of the members of the joint CWI-Google team.

While all of these researchers have made substantial contributions to the field of cryptography, today we recognize the work by these Google-CWI team members who made the challenging jump from theory to a practical demonstration of an attack:

Marc Stevens (CWI Amsterdam), Elie Bursztein (Google), Pierre Karpman (CWI Amsterdam), Ange Albertini (Google), Yarik Markov (Google), Alex Petit Bianco (Google), Clement Baisse (Google)

The research team has posted additional information at Shattered.io.

Parent Project

See: Hash Functions
Created February 24, 2017, Updated June 22, 2020