Cryptographic experts at the Crypto 2006 conference have demonstrated a modified method of attack against a reduced variant of the SHA-1 hash algorithm. The new method is an attack which, for the first time, allows at least a part of the message to be freely selected, for example as straight text.
Previous approaches, for example the collision attack by Xiaoyun Wang and her team, which attracted considerable attention, were merely able to produce almost completely different hash twins of the same length, both consisting of meaningless gibberish.
Although the demonstration was restricted to the reduced SHA-1 variant in 64 steps, it can, according to the experts, also be generalised to the standard 80 step variant. This means that SHA-1 must also be considered as cracked in principle. Christian Rechberger, who developed the new attack together with his colleague Christophe De Canniиre, explained to heise Security that, in their experiments, up to one quarter of the message could be freely selected.Read Full Story