SHA1 Broken

dxoigmn · February 15, 2005, 08:46 PM

SHA1 has been broken according to this blog (Bruce Schneier)? Looks interesting although there are little details other than a recent paper on a collision which this attacks supposedly builds upon. Found this blog post on Raymond Chen's blog where I also saw, of all people, Skywing.

quasi-modo · February 15, 2005, 08:50 PM

uh oh. If I were storing any sensative data sha-1 woulda been my choice... guess it is still tougher than md5 though.

iago · February 15, 2005, 09:47 PM

Quote from: quasi-modo on February 15, 2005, 08:50 PM
uh oh. If I were storing any sensative data sha-1 woulda been my choice... guess it is still tougher than md5 though.

I'd worry if anybody stored sensitive data in sha-1, considering that one of the characteristics of sha-1 is that you can't convert it back to the original

Mephisto · February 15, 2005, 09:49 PM

Ah, you beat me to that comment!

CrAz3D · February 15, 2005, 10:04 PM

What is the point of SHA-1 if you can't reverse it back to the original info?!

iago · February 15, 2005, 10:05 PM

It's designed as a one-way hash. You can encrypt passwords and not worry that Blizzard are goign to turn them back into regular passwords. It can also be added to an encrypted message to ensure that the message hasn't been tampered with.

CrAz3D · February 15, 2005, 10:06 PM

What about avalibility?

I still don't understand the point of something you can reverse

iago · February 15, 2005, 10:07 PM

Quote from: CrAz3D on February 15, 2005, 10:06 PM
What about avalibility?

I still don't understand the point of something you can reverse

Sorry, I edited my post, got rid of that nonsense (fine, valuble but irrelevant information). Read it again, I explained it better.

CrAz3D · February 15, 2005, 10:21 PM

What is the point of the password thing? Do you just check to see the the SHA-1 of the password that is sent to BNET is same as what they compare it to?

iago · February 15, 2005, 10:44 PM

Quote from: CrAz3D on February 15, 2005, 10:21 PM
What is the point of the password thing? Do you just check to see the the SHA-1 of the password that is sent to BNET is same as what they compare it to?

Battle.net uses double-sha1's password. This is what happens (for pre-war3 products):

When you create your account, you send them the SHA1 version of the password. That password is stored by Battle.net.

When you log in, you SHA1 your password, alone. Then you SHA1 your password along with the client and server token. The server does the same thing, also hashing your SHA1'd password along with the client/server tokens. Then you send your double-sha1'd password, where it is compared to the server's version.

CrAz3D · February 15, 2005, 10:46 PM

OH!, k, makes more sense I guess.

quasi-modo · February 18, 2005, 05:23 PM

Quote from: iago on February 15, 2005, 09:47 PM
Quote from: quasi-modo on February 15, 2005, 08:50 PM
uh oh. If I were storing any sensative data sha-1 woulda been my choice... guess it is still tougher than md5 though.

I'd worry if anybody stored sensitive data in sha-1, considering that one of the characteristics of sha-1 is that you can't convert it back to the original

It is great for dbs. You encrypt passwords / credit card numbers. It is not meant to be decrypted really. You encrypt an entry and match it. Ideally you would salt the password feild / whatever, with a userid feild or something.

Keep in mind: Even if you are on a server that has never been hacked into and the admins keep up with updates the admins can still see the passwords / credit card numbers / whatever else you are keeping. So you should encrypt everything you do not want anyone to see. If you use a 2 way algorythm your key has to be stored somewhere and the admin will be able to use it to decrypt the stuff so you are back where you started.

ps: If passwords, ssns, and credit card numbers, are encrypted in sha-1 (used for identification purposes) then sensative data is being stored in sha-1 correct?

iago · February 18, 2005, 05:37 PM

It's not being "stored"

tr.v. stored, stor·ing, stores
1. To reserve or put away for future use.

You can't use it one it's hashed.

Anyway, the problem with SHA-1 likely won't affect its security for storing passwords and such; it will affect SHA-1's that are being used to verify documents

quasi-modo · February 18, 2005, 06:44 PM

Quote from: iago on February 18, 2005, 05:37 PM
It's not being "stored"

tr.v. stored, stor·ing, stores
1. To reserve or put away for future use.

You can't use it one it's hashed.

That is correct. I was just 'going by a different deffinition' I guess.
I mean once it is hashed it is not useless.... The user types a pass that then gets encrypted and then you can match the two up and then the user entered the correct pass if they match. But I agree that no data can be gathered from the hashed values because sha-1 is a one way encryption algorythm.

j0k3r · February 19, 2005, 08:46 AM

Quote from: quasi-modo on February 18, 2005, 05:23 PM
It is great for dbs. You encrypt passwords / credit card numbers. It is not meant to be decrypted really.

What would be the purpose of SHA-1'ing a credit card number, would they not need it for billing purposes?