Chinese break SHA-1 encryption

Wide open. Claim

By Nick Farrell

Mon Feb 21 2005, 07:03

THE SHA-1 algorithm, a method of encryption that has been in common use for the last nine years, has been broken, it's claimed.

In his blog here, world authority on encryption Bruce Schneier, said that a three-person Chinese research team, mostly from Shandong University in China, had been circulating a paper about having broken the algorithm.

This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result.

He said that the attack pretty much put a bullet into SHA -1 as a hash function for digital signatures, even though it is beyond the scope of most criminals to exploit. µ

* THE ORIGINAL note in PDF form is here.

Experts propose workarounds for BEAST SSL/TLS attack Websites can switch to RC4 Monday, 26 September 2011, 12:16 PM Read more	OS X Lion flaws compromise account password security Password hashes exposed through directory services Tuesday, 20 September 2011, 12:33 PM Read more
Microsoft and Mozilla ban Dutch government root certificate PKIoverheid is no more Wednesday, 7 September 2011, 14:35 PM Read more	Bitcoin mining trojans are turning up more Aggressive distribution and enhanced functionality Monday, 5 September 2011, 14:48 PM Read more
Top 25 dangerous software errors are revealed SQL injection tops the list Thursday, 30 June 2011, 15:33 PM Read more	Marks and Spencer was hit by Epsilon breach Spear phishing attacks feared Wednesday, 6 April 2011, 12:18 PM Read more

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

Application Architect

Application Architect: ...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Chinese break SHA-1 encryption

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review