RapidCRC-Unicode
Detect SHA-1 collision in a file
Given the recent discovery that it is now possible to create collisions in sha1, it would be good for RapidCRC to detect them.
https://shattered.io/
Quoting from the above URL:
What types of systems are affected?
Any application that relies on SHA-1 for digital signatures, file integrity, or file identification is potentially vulnerable. These include:
Digital Certificate signatures
Email PGP/GPG signatures
Software vendor signatures
Software updates
ISO checksums
Backup systems
Deduplication systems
GIT
...
How do I detect this attack?
You can use the online tool above to submit files and have them checked for a cryptanalytic collision attack on SHA-1. The code behind this was developed by Marc Stevens (CWI) and Dan Shumow (Microsoft) and is publicly available on GitHub.
It is based on the concept of counter-cryptanalysis and it is able to detect known and unknown SHA-1 cryptanalytic collision attacks given just a single file from a colliding file pair.
And how would you detect it?
https://github.com/cr-marcstevens/sha1collisiondetection
This library and command line tool were designed as near drop-in replacements for common SHA-1 libraries and sha1sum. They will compute the SHA-1 hash of any given file and additionally will detect cryptanalytic collision attacks against SHA-1 present in each file. It is very fast and takes less than twice the amount of time as regular SHA-1.
I do hope people have already moved on from using SHA-1 for high security purposes. CRC32 and MD5 have been considered weak for many years now but both still have their uses.
For the tech community, our findings emphasize the necessity of sunsetting SHA-1 usage. Google has advocated the deprecation of SHA-1 for many years, particularly when it comes to signing TLS certificates.
https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
If a sha1 collision is important for your data then you should probably use a different algorithm. I probably won't add any detection to RCRC.