The team, from Shandong University, the Chinese Academy of Sciences and Shanghai Jiaotong University, has proven SHA-1, used in the generation of digital signatures, can be compromised by a supercomputer.
"This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result," said cryptographic expert Bruce Schneier in his weblog. "It pretty much puts a bullet into SHA-1 as a hash function for digital signatures."
It was believed that some 2^80 operations would be needed to achieve a match (known as a collision). The research proves that a collision can be achieved at the much lesser figure of 2^69. A number that, although large, is breakable with today's computer technology.
Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu, who cracked SHA-1, last year released a paper discussing ways to compromise MD-4, MD-5, HAVAL and RIPEM-D, a group of other well-known algorithms.
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
