SHA-1 break - in perspective

Atom Smasher atom at smasher.org
Wed Feb 16 21:56:25 CET 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

this should help put the (alleged until proven otherwise) SHA-1 break into 
perspective. thanks to Sascha Kiefer for giving me the idea.

let's say that unbroken SHA-1 represents a 100 meter (328 ft) wall. if a 
break allows a collision to be found in merely 2^69 operations (on 
average), that would mean the wall has crumbled to 4.9 cm (1.9 in) tall. 
that's broken!!

OTOH, let's say that unbroken MD5 represents a 100 meter (328 ft) wall. 
comparing unbroken MD5 to broken SHA-1 means the wall would actually grow 
from 100 meters (328 ft) tall to 3.2 km (1.99 miles) tall. SHA-1, even if 
it's broken enough to find a collision in 2^69 operations (on average), is 
still stronger than MD5 was ever meant to be.

again, using unbroken MD5 as our reference of a 100 meter (328 ft) wall, 
unbroken SHA-1 would be a wall 6553.6 km (4072 miles) tall. SHA-1 was 
intended to be incredibly stronger than MD5.


- -- 
         ...atom

  _________________________________________
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

 	"IDEA's key length is 128 bits - over twice as long as DES.
 	 Assuming that a brute force attack is the most efficient,
 	 it would require 2^128 (10^38) encryptions to recover the
 	 key. Design a chip that can test a billion keys per
 	 second an throw a billion of the them at the problem,
 	 and it will still take 10^13 years - that's longer than
 	 the age of the universe. An array of 10^24 such chips can
 	 find the key in a day, but there aren't enough silicon
 	 atoms in the universe to build such a machine. Now we're
 	 getting somewhere - although I'd keep my eye on the dark
 	 matter debate."
 		-- Bruce Schneier, Applied Cryptography

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJCE7N+AAoJEAx/d+cTpVciBIMH/2XFTi0DMGuhXrwCEvmXvxIN
of+aZbdO/vJgDWVR5u7amHOEKf0EBtzhgUxgpFbrGybx26JCx1zL40BfxXxZb6LH
AxJhHvCqtZ/XSqQIXBU0fMT9/sicWV/f8sHvlOWCWGCKRdmus0tMSODW9T8vdWaT
jrTXvOqnFx2fUKsZiyjwPQQYw9kln7m/MRpon6SiPxmjZFoUWlap/c1OnqjVwpUR
xKwczYBZmQdozR24G/pWfVCkbleYcvkPHu/EcV22x9UEiUyHseBxRVgoV0NAV9Ln
tzdbBeMPBTUyuCVFlZGXqdMA1+cevpxSt4WsJt8yX+h2VtSzwq2YMqFsA9xeVpg=
=I/9u
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list