Is sha-1 redundant now that the source is nearly cracked

Discussion in 'Chit Chat' started by 3sidedcube, Dec 29, 2015.

  1. 3sidedcube

    3sidedcube MDL Member

    Oct 1, 2009
    120
    12
    10
    sha-1 is now classed as redundant seen as it's nearly cracked so should we trust it any more.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,696
    15,682
    340
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. TCM

    TCM MDL Addicted

    Aug 25, 2011
    803
    416
    30
    Maybe it helps to put it this way: If you can achieve what the hash function is designed to prevent, then it can be considered "cracked".
     
  4. It is no longer safe.
     
  5. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,964
    1,821
    180
    Crossing the road is not safe either...
     
  6. Perhaps safe inside Ólafsvík, Vesturland but NY?

    Come on ... time to change!
     
  7. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,718
    4,057
    120
    It's safe to cross in NY. You just have to move fast. :eekout:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. NY, not all are fast enough ... Ahaha :)
    [​IMG]
     
  9. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,718
    4,057
    120
    @Satoshi: That looks like Penn Station. (Or, around the corner from it.)

    You should see that place around rush hour...It's a zoo. :eek:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. QuantumBug

    QuantumBug MDL Developer

    Mar 7, 2012
    1,530
    1,388
    60
    SHA1 was exploited, not cracked. There's a fkin difference.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. TCM

    TCM MDL Addicted

    Aug 25, 2011
    803
    416
    30
    SHA-1 being exploited would mean some system was broken because of SHA-1. AFAIK, outside of these theoretical weaknesses, it hasn't, yet.

    Just don't use it anymore when you can also use SHA-2.
     
  12. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,718
    4,057
    120
    #13 Michaela Joy, Feb 28, 2016
    Last edited: Feb 28, 2016
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. TCM

    TCM MDL Addicted

    Aug 25, 2011
    803
    416
    30
    #14 TCM, Feb 28, 2016
    Last edited: Feb 28, 2016
    Being able to find 2 inputs that give colliding outputs is still a whole different thing than finding a colliding input for another fixed input. Edit: http://crypto.stackexchange.com/questions/29695/what-is-a-freestart-collision

    So while SHA-1 isn't trivially broken as to cause real problems, it's too weak to use for new implementations. And you probably shouldn't use it for signing mails with legal documents and such. :)

    Edit: That link is about MD5 which nobody should use anymore. But it's basically the same thing happening.
     
  14. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    952
    912
    30