AsianScientist (Feb. 24, 2020) – Cryptography experts at Nanyang Technological University (NTU), Singapore, and the French national research institute for digital sciences INRIA in Paris, have demonstrated a critical security flaw in a commonly used security algorithm known as SHA-1. The vulnerability allows cyberattackers to fake specific files and the information within them, passing them off as authentic.
SHA-1 is a hash function, a building block in cryptography used in almost every digital authentication process. The algorithm underpins the security of many digital applications in internet banking, web-based communications and payment portals of online shopping sites.
Fundamentally, the hash function takes a lengthy input message and creates a short digital fingerprint for it, called a hash value. A hash function is considered secure if it is difficult for an attacker to find two different inputs that lead to identical hash values. When two different inputs share the same value, a ‘collision’ is said to have occurred.
In a study published on the International Association for Cryptologic Research’s e-print site, NTU’s Associate Professor Thomas Peyrin and INRIA’s Dr Gaëtan Leurent used a cluster of 900 GPUs running for two months to break the SHA-1 algorithm via what is known as a ‘chosen-prefix collision attack.’
Their chosen-prefix collision targeted a type of file called a PGP/GnuPG certificate, which is a digital proof of identity that relies on SHA-1 as a hash function.
“This changes everything in terms of threat because meaningful data, like names or identities in a digital certificate, can now be counterfeited. We have given an example of its impact with a successful attack on a real system, the PGP Web-of-Trust, which is a well-known key-certification solution,” Peyrin said.
The researchers note that as a result of their work, developers of software packages dealing with digital certificates have in the last few months applied countermeasures in their latest versions, treating SHA-1 as insecure. Peyrin hopes that the publication of these findings will further encourage the IT industry to quickly move away from all use of such weak cryptographic functions. Newer hash functions, such as the SHA-2 family of hash functions devised in 2001, are not affected by the attack.
“Our work illustrates the fact that keeping computers secure is not only about developing new cryptographic schemes, but also keeping up with the latest ways to break older schemes. As mathematical and computational methods improve, it is extremely important to discard methods that can no longer be relied upon,” Peyrin added.
The article can be found at: Leurent & Peyrin (2020) SHA-1 is a Shambles – First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust.
———
Source: Nanyang Technological University; Photo: Unsplash.
Disclaimer: This article does not necessarily reflect the views of AsianScientist or its staff.
