Researchers out to demonstrate inherent weaknesses in the SHA-1 internet security standard announced they had broken the legacy cryptographic algorithm using a so-called collision attack.
SHA-1 has long been discredited for known weaknesses, but the newly unveiled research illustrates its susceptibility to previously unknown security infractions. Going beyond theoretical probabilities, the demonstration proves that systems still using SHA-1 to verify transactions are at risk.
The "cryptographic hash function" is a mathematical algorithm that uses a 40-character string to represent a digital object to secure credit card transactions, electronic documents, GIT open-source software repositories and software distribution. No two "digests" should be the same.
But, owing to an effort between the Cryptology Group at Centrum Wiskunde & Informatica – a Dutch research institute for mathematics and computer science – and the Google Research Security, Privacy and Anti-abuse Group, a cryptanalytic attack was developed to illustrate how a SHA-1 signature produced for one file could be misused as a valid signature for any other colliding file."Moving forward, it's more urgent than ever for security practitioners to migrate to safer cryptographic hashes such as SHA-256 and SHA-3," the Google researchers stated on a blog post.
"The news of Google's successful attacks against SHA-1 is certainly lighting up the cryptography circles on Twitter and the rest of the internet, and to be sure, there are plenty of applications that still rely on SHA-1 for ensuring the uniqueness of data," Tod Beardsley, director of research at Rapid7, told SC Media on Thursday. "After all, once a technology becomes commonplace on the internet, it's nigh impossible to stamp it out, even in the face of overwhelming evidence of its insecurity."
However, Beardsley says he's not quite ready to panic over this finding just yet as SHA-1 has been on a death watch for years. Google, Microsoft, Apple and Mozilla have all banded together to stamp out SHA-1 hashed SSL certificates for websites, and it's rare to run into one today, he says. "I do worry a little about non-browser implementations of SSL/TLS (such as those used by IoT devices to talk to each other and cloud hosted APIs), but the attack surface here is significantly smaller than, say, the Heartbleed vulnerabilities when those were announced.”
Google's announcement just confirms what is already known: SHA-1 is simply not secure, Kevin Bocek, chief security strategist for Venafi, told SC Media on Thursday. "Attacks against SHA-1 are no longer science fiction. Unfortunately, despite the dangers, many organisations are just not reacting quickly.”
The fact is, in November Venafi research found that 35 percent of organisations were still using SHA-1 certificates. "These companies might as well put up a welcome sign for hackers that says, ‘We don't care about the security of our applications, data and customers',” Bocek said.