Google Announces First Practical SHA1 Collision
Google today announced the first practical technique for generating a SHA1 collision where two files could have different contents yet generate an identical SHA1 hash.
Though it's still not too easy to come by such an attack: Google's SHA1 "shattered" attack takes 110 GPUs one year of work to produce a collision while a SHA1 bruteforce attack on the other hand would take 12 million GPUs and a year worth of work.
In 90 days, Google will release its code that allows people to create a pair of PDFs that hash to the same SHA1 sum but there are some pre-conditions.
Those interested in Crypto can read Google's announcement this morning via their security blog or as with most disclosures they have come up with a cute name and website: Shattered.io.