By Dan Goodin in San Francisco
10th June 2009
Cryptographers have found new chinks in a widely-used digital-signature
algorithm that have serious consequences for applications that sign
email, validate websites, and carry out dozens of other online
The researchers, from Macquarie University in Sydney, Australia, found a
way to break the SHA-1 algorithm in significantly fewer tries than
previously required. Although the hash function was previously believed
to withstand attempts numbering 2^63, the researchers have been able to
whittle that down to 2^52, a number that puts practical attacks well
within grasp of well-funded organizations.
Secure hashing algorithms are designed to reduce text or digital files
to a unique series of letters and numbers that is often compared to the
document's signature. The findings, which were published Wednesday here
(PDF), mean it's easier to create what cryptographers call
collisions in SHA-1, in which two different sources share the same the
"I'm expecting that we'll start seeing SHA-1 collisions before the end
of the year, if not sooner," said Paul Kocher, president and chief
scientist at Cryptography Research, a San Francisco-based consultancy.
"For applications that fail because of collisions, you need to be really