Colliding Hash Destroys Western Civilization

I don't want to alarm you all, but a handful of papers presented at Crypto 2004 conference last week could force most, if not all, security software, services, and certificates to be upgraded in the near future.  Why?  Because strength of two popular hashing algorithms, MD5 and SHA-1, are being questioned by those papers.  These algorithms are used literally everywhere so, if these papers are right, the impact crater will be huge.

MD5 was known to be weak before but, according to one of the papers, it's much weaker than previously known.  How weak?  Supposedly, just a few hours on your desktop PC will break it, meaning you can find a bogus set of bits that produce the same hash as the bits you are trying to spoof.  Oy!

Advertisements