0E800 Cryptographic hash functions like SHA-1 are a cryptographer’s Swiss Army knife. You’ll find that hashes play a role in browser security, managing code repositories, or even just detecting duplicate files in storage. Hash functions compress large amounts of data into a small message digest. As a cryptographic requirement for widespread use, finding two messages that lead to the same digest should be computationally infeasible. Over time, however, this requirement can fail due to attacks on the mathematical underpinnings of hash functions or to increases in computational power. Today, 10 years after SHA-1 was first introduced, we are announcing the first practical technique for generating a collision. This represents the culmination of two years of research that sprang from a collaboration between the CWI Institute in Amsterdam and Google. We’ve summarized how we went about generating a collision below. As a proof of the attack, we are releasing two PDFs that have identical SHA-1 hashes but different content. For the tech community, our findings emphasize the necessity of sunsetting SHA-1 usage. Google has advocated the deprecation of SHA-1 for many years, particularly when it comes to signing TLS certificates. As early as 2014, the Chrome team announced that they would gradually phase out using SHA-1. We hope our practical attack on SHA-1 will cement that the protocol should no longer be considered secure. Read more here: https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html https://techcrunch.com/2017/02/23/security-researchers-announce-first-practical-sha-1-collision-attack/
clarkwinkelmann I've seen that. It's a bit scary. It's been deprecated for quite some time on the web, but I'm wondering how many (PDF/other) signing applications still rely on it.
0E800 clarkwinkelmann Only governments and companies like Google could do something like this. Also the POC is a single PDF. It's akin to 'told you so, now here is proof'. Just make sure any PDFs you receive from Donald Trump are checked by Google's SHA1 collide tool.
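An added example, not part of any post in this thread or of Google's release: an audit for a store that identifies files by SHA-1, flagging pairs whose SHA-1 digests match while their SHA-256 digests differ, which is the condition the two released PDFs would trigger. Since no real SHA-1 collision is embedded here, `weak16` (SHA-1 truncated to 16 bits) is a hypothetical stand-in used to exercise the check, and all function names and sample inputs are constructed.

```python
import hashlib
from itertools import count


def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def weak16(data: bytes) -> str:
    # Hypothetical stand-in for a broken hash: only 16 bits of SHA-1 are kept,
    # so two distinct inputs with the same digest exist among 65537 messages.
    return sha1_hex(data)[:4]


def find_colliding_pair(weak=weak16):
    # Builds constructed sample data: two different messages, same weak digest.
    seen = {}
    for i in count():
        msg = b"invoice-%d" % i
        digest = weak(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg


def audit(files, weak=sha1_hex, strong=sha256_hex):
    """Return (name_a, name_b) pairs whose weak digests match but whose
    strong digests differ, i.e. files a weak-hash dedup would conflate."""
    by_weak = {}
    findings = []
    for name, data in sorted(files.items()):
        key, strong_digest = weak(data), strong(data)
        for other_name, other_strong in by_weak.get(key, []):
            if other_strong != strong_digest:
                findings.append((other_name, name))
        by_weak.setdefault(key, []).append((name, strong_digest))
    return findings


if __name__ == "__main__":
    a, b = find_colliding_pair()
    store = {"a.pdf": a, "b.pdf": b, "copy-of-a.pdf": a}
    print("weak-hash conflicts:", audit(store, weak=weak16))
    print("full SHA-1 conflicts:", audit(store))
```

Run against real files with the default `weak=sha1_hex`, a non-empty result means two different documents share a SHA-1 digest; true duplicates are never reported because their SHA-256 digests also match.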