Skip to content

SHA-1 geknackt

Bruce Schneier schreibt in seinem Blog dass der Verschlüsselungs/Hash-Algorithmus SHA-1 gebrochen wurde. Das könnte lustig werden da gerade viele Leute SHA für Signaturen nutzen.
Das heisst nicht dass jeder dazu in endlicher Zeit in der Lage ist, SHA1 zu brechen. Aber durch Algorithmen ist es möglich, die Anzahl möglicher Kollisionenattacken die notwendig zum brechen sind, signifikant zu verringern; von 2^80 Versuchen auf 2^69.
Einer der Kommentare auf Bruces Blogseite beschreibt es recht gut:

That's 2**11 less operations. Let's say breaking this (2**69 ops) takes the NSA a week. If it had been 2**80, it would have taken 2048 weeks, or 39 years. If it would have taken the NSA (or whomever) a year to break SHA-1 before, it could be broken in 4 hours.

My guess would be it would still take a lot longer than a week - but would now be in the realm of possibility, whereas before it would have been in the lifetime(s) range. However, this is totally a wild-assed-guess, based on the assumption that it was expected to take 100+ years before this to crack.

Mal sehen was die Reaktionen darauf sein werden.


No Trackbacks


Display comments as Linear | Threaded

No comments

Add Comment

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.
To leave a comment you must approve it via e-mail, which will be sent to your address after submission.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
Form options