SHA-1 break - in perspective

Atom Smasher atom at
Wed Feb 16 21:56:25 CET 2005

Hash: SHA256

this should help put the (alleged until proven otherwise) SHA-1 break into 
perspective. thanks to Sascha Kiefer for giving me the idea.

let's say that unbroken SHA-1 represents a 100 meter (328 ft) wall. if a 
break allows a collision to be found in merely 2^69 operations (on 
average), that would mean the wall has crumbled to 4.9 cm (1.9 in) tall. 
that's broken!!

OTOH, let's say that unbroken MD5 represents a 100 meter (328 ft) wall. 
comparing unbroken MD5 to broken SHA-1 means the wall would actually grow 
from 100 meters (328 ft) tall to 3.2 km (1.99 miles) tall. SHA-1, even if 
it's broken enough to find a collision in 2^69 operations (on average), is 
still stronger than MD5 was ever meant to be.

again, using unbroken MD5 as our reference of a 100 meter (328 ft) wall, 
unbroken SHA-1 would be a wall 6553.6 km (4072 miles) tall. SHA-1 was 
intended to be incredibly stronger than MD5.

- -- 

  PGP key -
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808

 	"IDEA's key length is 128 bits - over twice as long as DES.
 	 Assuming that a brute force attack is the most efficient,
 	 it would require 2^128 (10^38) encryptions to recover the
 	 key. Design a chip that can test a billion keys per
 	 second an throw a billion of the them at the problem,
 	 and it will still take 10^13 years - that's longer than
 	 the age of the universe. An array of 10^24 such chips can
 	 find the key in a day, but there aren't enough silicon
 	 atoms in the universe to build such a machine. Now we're
 	 getting somewhere - although I'd keep my eye on the dark
 	 matter debate."
 		-- Bruce Schneier, Applied Cryptography

Version: GnuPG v1.4.0 (FreeBSD)
Comment: What is this gibberish?


More information about the Gnupg-users mailing list