Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Google Announces First Practical SHA1 Collision

Written by Michael Larabel in Google on 23 February 2017 at 08:14 AM EST. 34 Comments

GOOGLE

While SHA1 is still much better off than MD5, developers really should think about moving to SHA256 or other crypto hashes with Google now demonstrating the first SHA1 collision.

Google today announced the first practical technique for generating a SHA1 collision where two files could have different contents yet generate an identical SHA1 hash.

Though it's still not too easy to come by such an attack: Google's SHA1 "shattered" attack takes 110 GPUs one year of work to produce a collision while a SHA1 bruteforce attack on the other hand would take 12 million GPUs and a year worth of work.

In 90 days, Google will release its code that allows people to create a pair of PDFs that hash to the same SHA1 sum but there are some pre-conditions.

Those interested in Crypto can read Google's announcement this morning via their security blog or as with most disclosures they have come up with a cute name and website: Shattered.io.

34 Comments

Related News

Google Preparing To Rollout Stable Chrome Releases Even Faster

Google Announces C3A Instances Coming, Powered By AmpereOne CPUs

Linux 6.6 To Support Rumble / Force Feedback On Google Stadia Controllers

Chrome 116 Released With Document Picture-In-Picture API

Go 2 For "Breaking With The Past" Will Never Come

Google May Reconsider JPEG-XL Image Support Within Chrome

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

The Maintainer Of The NVIDIA Open-Source "Nouveau" Linux Kernel Driver Resigns

Valve Is A Wonderful Upstream Contributor To Linux & The Open-Source Community

GCC Preparing To Introduce "-fhardened" Security Hardening Option

Intel To Further Collaborate With Red Hat, Canonical & SUSE For Intel-Optimized Linux Distros

Ubuntu 23.04 & 22.04.3 Installs Haven't Been Following Their Own Security Best Practices

SteamOS 3.5 Rolls Out In Preview On The Steam Deck With Many New Features

ReactOS "Open-Source Windows" Shown Running On Valve's Steam Deck

Microsoft Releases A Big Update To Windows Subsystem For Linux, New Experimental Options