The Null Device

SHA-1 broken

The SHA-1 hash function, touted for a few years as more secure than MD5, has apparently been broken. What this means is that (assuming that the details check out), for any file (such as a digital signature) with a SHA-1 checksum, an attacker can create an alternative file with the same checksum in a sufficiently short time to make it practical. Which means that, with a modern computer, script kiddies, online fraudsters and others will soon be able to create genuine-looking digital signatures on demand. (via Techdirt)

There are no comments yet on "SHA-1 broken"

Want to say something? Do so here.

Post pseudonymously

Display name:
To prove that you are not a bot, please enter the text in the image into the field below it.

Your Comment:

Please keep comments on topic and to the point. Inappropriate comments may be deleted.

Note that markup is stripped from comments; URLs will be automatically converted into links.