CS researchers find weaknesses in SHA-1

CS researchers find weaknesses in SHA-1During the Crypto 2004 conference, Eli Biham and Rafi Chen from the Department of Computer Science at the Technion, reported preliminary results about vulnerabilities in the SHA-1 algorithm, which is believed to be secure. The event received a wide media attention because of the wide use of the algorithm. "Currently considered the gold standard of its class of algorithms, SHA-1 is embedded in popular programs like PGP and SSL. It is certified by the National Institute of Standards and Technology and is the only signing algorithm approved for use in the U.S. government's Digital Signature Standard. SHA-1 yields a 160-bit output, which is longer than MD5's 128-bit output and is considered more secure." (the full article is available here).

Back to the news index Monday, August 23, 2004