
A Competition To Replace SHA-1

SHA who? writes "In light of recent attacks on SHA-1, NIST is preparing for a competition to augment and revise the current Secure Hash Standard. The public competition will be run much like the development process for the Advanced Encryption Standard, and is expected to take 3 years. As a first step, NIST is publishing draft minimum acceptability requirements, submission requirements, and evaluation criteria for candidate algorithms, and requests public comment by April 27, 2007. NIST has ordered Federal agencies to stop using SHA-1 and instead to use the SHA-2 family of hash functions."
  • by G4from128k ( 686170 ) on Wednesday January 24, 2007 @09:27AM (#17736622)
    The security of a given hash/encryption would seem to be a function of how much effort has gone into breaking it. Lots of algorithms can look good on paper, but until people really tear into the math and code, its true level of unbreakability is undecidable. A 3 year competition is not likely to bring enough IQ, theorems, malevolence, or brute CPU cycles to bear against any candidate.

    The point is that any attempt to quickly create a new algorithm is likely to create an insecure one. Shouldn't we be trying to create candidate algorithms for the year 2050 to give the algorithms time to withstand attack? Or do we plan to keep creating new algorithms as a serial security-by-obscurity strategy?
  • by suv4x4 ( 956391 ) on Wednesday January 24, 2007 @09:43AM (#17736766)
    Shouldn't we be trying to create candidate algorithms for the year 2050 to give the algorithms time to withstand attack? Or do we plan to keep creating new algorithms as a serial security-by-obscurity strategy.

    This is what a hash is by design: obscurity. For mathematical reasons alone, you can't have a unique hash for your megabyte message crammed in (say) 256 bytes. Or 512, or 1024 bytes.

    And with a public algorithm spec, it's all about whether there's a determined group to turn it inside-out and make it easy to crack.

    That said, the ability to hack SHA/MD5 given the time and tools, doesn't make hashes useless. A hash by itself can be useless, but coupled with a good procedure that incorporates it, it can raise the security level just enough so it's not reachable by 99.99999...% of the potential hackers out there that will try to break you.

    Security is just an endless race on both sides, and will always be.
  • by simm1701 ( 835424 ) on Wednesday January 24, 2007 @09:48AM (#17736836)
    No you can't very easily modify it - that's the point.

    You can exhaustively search for a collision, but the time requirement is very much non trivial.

    Feel free to prove me wrong - unless you have a huge botnet or a supercomputer available I don't give you much chance of finding a collision that way for md5 let alone SHA-1
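The "exhaustive search for a collision" that the last two comments argue about is bounded by the birthday paradox: a hash with n output bits yields a collision after roughly 2^(n/2) random inputs, which is why SHA-1 (160 bits) offers at most 80 bits of generic collision resistance and SHA-256 offers 128. The script below is an added example, not code from the story or any commenter; it computes the birthday estimate for real digest sizes and then observes the effect empirically on a hash deliberately truncated to 32 bits (the message format is constructed for the demonstration).

```python
import hashlib
import math


def birthday_trials(bits: int, p: float = 0.5) -> float:
    """Approximate number of random inputs needed to reach collision
    probability p for a hash with `bits` output bits:
    n ~= sqrt(2 * 2**bits * ln(1 / (1 - p)))."""
    return math.sqrt(2 * (2 ** bits) * math.log(1 / (1 - p)))


def collision_security_bits(algo: str) -> int:
    """Generic (birthday-bound) collision resistance of a hashlib algorithm,
    in bits: half its output length. sha1 -> 80, sha256 -> 128."""
    return hashlib.new(algo).digest_size * 8 // 2


def truncated_digest(data: bytes, bits: int, algo: str = "sha256") -> int:
    """Hash `data` and keep only the top `bits` bits of the digest, giving a
    toy hash small enough that a collision can be found on a laptop."""
    digest = hashlib.new(algo, data).digest()
    return int.from_bytes(digest, "big") >> (len(digest) * 8 - bits)


def find_collision(bits: int, max_trials: int = 1_000_000):
    """Generic birthday search over distinct constructed messages.
    Returns (trials, message_a, message_b) on success, or None."""
    seen = {}  # truncated digest -> first message that produced it
    for i in range(max_trials):
        msg = f"constructed-message-{i}".encode()  # constructed sample input
        d = truncated_digest(msg, bits)
        if d in seen:
            return i + 1, seen[d], msg
        seen[d] = msg
    return None


if __name__ == "__main__":
    for algo in ("sha1", "sha256"):
        print(f"{algo}: ~{collision_security_bits(algo)}-bit generic collision "
              f"resistance, ~2^{math.log2(birthday_trials(hashlib.new(algo).digest_size * 8)):.1f} trials")
    bits = 32
    result = find_collision(bits)
    print(f"{bits}-bit truncated hash: birthday estimate {birthday_trials(bits):.0f} trials")
    if result:
        trials, a, b = result
        print(f"collision after {trials} trials: {a!r} and {b!r}")
```

Running it shows the 32-bit toy hash colliding after tens of thousands of trials, close to the estimate of about 77,000, while the same formula for SHA-1 gives on the order of 2^80, the figure that makes the brute-force approach impractical without the botnet or supercomputer the comment mentions.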
