Results 1 to 8 of 8
  1. #1
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts

    Exclamation A more real SHA-1 hack; ten days computime

    DHE, RC4 and now SHA-1 (though the attack took ten days of computing time on GPU cards, but we all know what that eventually means). And yet, the businesses want your credit card and other personal info, but don't want to upgrade their servers encryption algorithms:

    SHA-1 Freestart Collision

    Schneier on Security
    Oct. 8, 2015

    There's a new cryptanalysis result against the hash function SHA-1:

    Abstract: We present in this article a freestart collision example for SHA-1, i.e., a collision for its internal compression function. This is the first practical break of the full SHA-1, reaching all 80 out of 80 steps, while only 10 days of computation on a 64 GPU cluster were necessary to perform the attack. This work builds on a continuous series of cryptanalytic advancements on SHA-1 since the theoretical collision attack breakthrough in 2005. ....

    [Continue reading here: https://www.schneier.com/blog/archiv...reestart.html]
    Last edited by Fascist Nation; 2015-10-09 at 11:02.

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,199
    Thanks
    48
    Thanked 986 Times in 916 Posts
    That's why we use SHA-256.

    cheers, Paul

  3. The Following User Says Thank You to Paul T For This Useful Post:

    Fascist Nation (2015-10-11)

  4. #3
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    If you are allowed that option.

  5. #4
    Silver Lounger
    Join Date
    Mar 2014
    Location
    Forever West
    Posts
    2,078
    Thanks
    0
    Thanked 259 Times in 248 Posts
    I use a little free program from https://raylin.wordpress.com/downloa...cksum-utility/ to check most of my downloads, especially the large .iso files for Windows and Linux OSes, gives more comparison ability but I do have to remember to get the hash from the download page if offered. The hash number is embedded in the download by the publisher.

  6. #5
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,378
    Thanks
    235
    Thanked 147 Times in 136 Posts
    Nice program Berton

    Just thinking, ooops I thought it would be nice to have a D/L manager that could auto check against 'copied' hashtag, never came across one!



    BTW not on Gizmos list...
    Last edited by wavy; 2015-10-12 at 14:06.
    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  7. #6
    Silver Lounger
    Join Date
    Mar 2014
    Location
    Forever West
    Posts
    2,078
    Thanks
    0
    Thanked 259 Times in 248 Posts
    Quote Originally Posted by wavy View Post
    Nice program Berton

    Just thinking, ooops I thought it would be nice to have a D/L manager that could auto check against 'copied' hashtag, never came across one!



    BTW not on Gizmos list...
    Automatic would be nice. The closest I've come is on Linux Mint 17.x, has a choice on right-click menu of an .iso file to check but still need the hash from the download site to compare with.

  8. #7
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,378
    Thanks
    235
    Thanked 147 Times in 136 Posts
    Haha trying real hard to stay away from Linux. Still have a couple of bootable Usb HDD and SSD available but I am way too dumb,fussy and impatient for Linux.
    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  9. #8
    Silver Lounger
    Join Date
    Mar 2014
    Location
    Forever West
    Posts
    2,078
    Thanks
    0
    Thanked 259 Times in 248 Posts
    Quote Originally Posted by wavy View Post
    Haha trying real hard to stay away from Linux. Still have a couple of bootable Usb HDD and SSD available but I am way too dumb,fussy and impatient for Linux.
    I usually play with Linux LiveDVDs so the computer doesn't get changed. I only have it installed on a Dell Optiplex 755 Desktop because it is an extra computer and always interested in a replacement for WinXP that don't meet later system requirements, does pretty good. Use Firefox and LibreOffice, both included in the install disc.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •