CWI institute and the Google scientists announced yesterday that the SHA-1 security standard has been broken for the first time in practice. The researchers point out that many applications will continue to use SHA-1 encryption, even if the NIST rejected it because of vulnerabilities already officially in 2011.
the method is found one hundred thousand times faster than the so-called breaking of the encryption. brute force method in which all possible secret keys are tried until the correct one is entered.
SHA encryption, there are already versions 2 and 3. Analysts said the two-version may be to break even quickly, but NIST in 2015 standardized SHA-3 is more difficult to break down.
Researchers at Google and Centrum Wiskunde & Informatica (CWI) in the Netherlands have managed to conduct the first real world collision attack against SHA-1, creating two documents with different content but identical hashes.
SHA-1 was introduced in 1995 and the first attacks against the cryptographic hash function were announced a decade later. Attacks improved over the years and, in 2015, researchers disclosed a method that lowered the cost of an SHA-1 collision to $75,000-$120,000 using Amazon’s EC2 cloud over a period of a few months.
Despite steps taken by companies such as Google, Facebook, Microsoft and Mozilla to move away from SHA-1, the hash function is still widely used.
Billions of dollars are spent every year on cyber security products; and yet those products continually fail to protect businesses. Thousands of reports analyze breaches and provide reams of data on what happened; but still the picture worsens. A new study takes a different approach; instead of trying to prevent hacking based on what hacking has achieved, it asks real hackers, how do you do it?
The hackers in question are the legal pentesters attending last Summer’s DEFCON conference. Seventy were asked about what they do, how they do it, and why they do it — and the responses are sobering. The resulting report, The Black Report by Nuix, is a fascinating read. It includes sections on the psycho-social origins of cybercrime and a view from law enforcement: but nothing is as valuable as the views from the hackers themselves. These views directly threaten many of the sacred cows of cyber security. They are worth considering: “The only difference between me and a terrorist is a piece of paper [a statement of work] making what I do legal. The attacks, the tools, the methodology; it’s all the same.”
What they do is surprisingly easy and frighteningly successful.
Take sacred cow #1: it takes 250-300 days for the average organization to detect a breach, and the earlier it is detected, the less damage will be done. But there is less time than you think. Eighty-eight percent of the pentesters claim that it takes less than 12 hours to compromise a target; and 80% say it then takes less than another 12 hours to find and steal the data.
Sacred cow #2 could affect the cyber security skills gap. A recent ISACA survey shows that 70% of employers require a security certification before employing new staff. The people they are defending against, however, place little value in those certifications. “Over 75% did not believe technical certifications were an accurate indicator of ability,” notes the report.
Sacred cow #3 is that anti-virus and a firewall equates to security. Only 10% of the pentesters admitted to being troubled by firewalls, and a mere 2% by anti-virus.
sacred cow #4 remains a sacred cow: “For security decision-makers,” says the report, “this result clearly demonstrates the importance of defense in depth rather than relying on any single control. Any individual security control can be defeated by an attacker with enough time and motivation. However, when an organization uses a combination of controls along with security training, education, and processes, the failure of any single control does not automatically lead to data compromise.”
When asked what companies should buy to improve their security posture, 37% suggested intrusion detection/prevention systems. Only 6% suggested perimeter defenses.
data hygiene/information governance at 42% is seen as less effective than perimeter defenses at 21%.
One of the biggest surprises of the survey is that while companies may go to the expense of a penetration test, they will not necessarily act upon the results. “Only 10% of respondents indicated that they saw full remediation of all identified vulnerabilities, and subsequent retesting,” notes the report.
“While ‘fix the biggest problems’ appears to be a logical approach to remediation, it misrepresents the true nature of vulnerabilities and provides a false sense of security for decision makers,” warns the report.
The successful SHA-1 collision attack announced last week by Google and CWI appears to have a serious impact on repositories that use the Apache Subversion (SVN) software versioning and revision control system.
Developers of the WebKit web browser engine noticed severe problems after attempting to add a test for the SHA-1 collision to their project. Uploading the example collision PDF files provided by Google caused their SVN repository to become corrupted and prevent further commits.
Google has posted an update to the SHAttered website to warn SVN users of the risks, and Apache Subversion developers have created a tool designed to prevent PDF files such as the ones provided by Google from being committed.
The search giant has so far only published two PDF documents that prove SHA-1 collisions are possible (i.e. the files have the same SHA-1 hash, but different content). However, after 90 days, the company will release the code that allows anyone to create such PDFs.
Finding SHA-1 collisions still requires significant resources – it would cost an attacker at least $110,000 worth of computing power via Amazon’s cloud services – but it’s still 100,000 times faster compared to a brute-force attack.
The SHAttered attack also impacts the Git distributed version control system, which relies on SHA-1 for identifying and checking the integrity of file objects and commits.
However, “the sky isn’t falling,” according to Linux kernel creator Linus Torvalds.
During the last year, many companies started deprecating usage of SHA-1 in order to prevent any theoretical attack. But, with the proof and real-world attack scenario outlined this week by Google and Centrium Wiskunde, the spotlight is shining once again on SHA-1 collision attacks. The open source code for collision detection is publicly available here. We can no longer say that this type of attack is only theoretical. So, how can we fix the problem?
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
We are a professional review site that has advertisement and can receive compensation from the companies whose products we review. We use affiliate links in the post so if you use them to buy products through those links we can get compensation at no additional cost to you.OkDecline
7 Comments
Tomi Engdahl says:
New SHA1 attack – Linux, UNIX engineers blog
http://www.epanorama.net/newepa/2015/07/05/new-sha1-attack-linux-unix-engineers-blog/
Tomi Engdahl says:
SHA-1 encryption was broken for the first time
CWI institute and the Google scientists announced yesterday that the SHA-1 security standard has been broken for the first time in practice. The researchers point out that many applications will continue to use SHA-1 encryption, even if the NIST rejected it because of vulnerabilities already officially in 2011.
the method is found one hundred thousand times faster than the so-called breaking of the encryption. brute force method in which all possible secret keys are tried until the correct one is entered.
SHA encryption, there are already versions 2 and 3. Analysts said the two-version may be to break even quickly, but NIST in 2015 standardized SHA-3 is more difficult to break down.
Source: http://www.etn.fi/index.php/embedded-conference-finland/5908-sha-1-salaus-murrettiin-ensimmaisen-kerran
Tomi Engdahl says:
First SHA-1 Collision Attack Conducted by Google, CWI
http://www.securityweek.com/first-sha-1-collision-attack-conducted-google-cwi
Researchers at Google and Centrum Wiskunde & Informatica (CWI) in the Netherlands have managed to conduct the first real world collision attack against SHA-1, creating two documents with different content but identical hashes.
SHA-1 was introduced in 1995 and the first attacks against the cryptographic hash function were announced a decade later. Attacks improved over the years and, in 2015, researchers disclosed a method that lowered the cost of an SHA-1 collision to $75,000-$120,000 using Amazon’s EC2 cloud over a period of a few months.
Despite steps taken by companies such as Google, Facebook, Microsoft and Mozilla to move away from SHA-1, the hash function is still widely used.
Tomi Engdahl says:
This What Hackers Think of Your Defenses
http://www.securityweek.com/what-hackers-think-your-defenses
Billions of dollars are spent every year on cyber security products; and yet those products continually fail to protect businesses. Thousands of reports analyze breaches and provide reams of data on what happened; but still the picture worsens. A new study takes a different approach; instead of trying to prevent hacking based on what hacking has achieved, it asks real hackers, how do you do it?
The hackers in question are the legal pentesters attending last Summer’s DEFCON conference. Seventy were asked about what they do, how they do it, and why they do it — and the responses are sobering. The resulting report, The Black Report by Nuix, is a fascinating read. It includes sections on the psycho-social origins of cybercrime and a view from law enforcement: but nothing is as valuable as the views from the hackers themselves. These views directly threaten many of the sacred cows of cyber security. They are worth considering: “The only difference between me and a terrorist is a piece of paper [a statement of work] making what I do legal. The attacks, the tools, the methodology; it’s all the same.”
What they do is surprisingly easy and frighteningly successful.
Take sacred cow #1: it takes 250-300 days for the average organization to detect a breach, and the earlier it is detected, the less damage will be done. But there is less time than you think. Eighty-eight percent of the pentesters claim that it takes less than 12 hours to compromise a target; and 80% say it then takes less than another 12 hours to find and steal the data.
Sacred cow #2 could affect the cyber security skills gap. A recent ISACA survey shows that 70% of employers require a security certification before employing new staff. The people they are defending against, however, place little value in those certifications. “Over 75% did not believe technical certifications were an accurate indicator of ability,” notes the report.
Sacred cow #3 is that anti-virus and a firewall equates to security. Only 10% of the pentesters admitted to being troubled by firewalls, and a mere 2% by anti-virus.
sacred cow #4 remains a sacred cow: “For security decision-makers,” says the report, “this result clearly demonstrates the importance of defense in depth rather than relying on any single control. Any individual security control can be defeated by an attacker with enough time and motivation. However, when an organization uses a combination of controls along with security training, education, and processes, the failure of any single control does not automatically lead to data compromise.”
When asked what companies should buy to improve their security posture, 37% suggested intrusion detection/prevention systems. Only 6% suggested perimeter defenses.
data hygiene/information governance at 42% is seen as less effective than perimeter defenses at 21%.
One of the biggest surprises of the survey is that while companies may go to the expense of a penetration test, they will not necessarily act upon the results. “Only 10% of respondents indicated that they saw full remediation of all identified vulnerabilities, and subsequent retesting,” notes the report.
“While ‘fix the biggest problems’ appears to be a logical approach to remediation, it misrepresents the true nature of vulnerabilities and provides a false sense of security for decision makers,” warns the report.
Tomi Engdahl says:
Apache Subversion System Affected by SHA-1 Collision
http://www.securityweek.com/apache-subversion-system-affected-sha-1-collision
The successful SHA-1 collision attack announced last week by Google and CWI appears to have a serious impact on repositories that use the Apache Subversion (SVN) software versioning and revision control system.
Developers of the WebKit web browser engine noticed severe problems after attempting to add a test for the SHA-1 collision to their project. Uploading the example collision PDF files provided by Google caused their SVN repository to become corrupted and prevent further commits.
Google has posted an update to the SHAttered website to warn SVN users of the risks, and Apache Subversion developers have created a tool designed to prevent PDF files such as the ones provided by Google from being committed.
The search giant has so far only published two PDF documents that prove SHA-1 collisions are possible (i.e. the files have the same SHA-1 hash, but different content). However, after 90 days, the company will release the code that allows anyone to create such PDFs.
Finding SHA-1 collisions still requires significant resources – it would cost an attacker at least $110,000 worth of computing power via Amazon’s cloud services – but it’s still 100,000 times faster compared to a brute-force attack.
The SHAttered attack also impacts the Git distributed version control system, which relies on SHA-1 for identifying and checking the integrity of file objects and commits.
However, “the sky isn’t falling,” according to Linux kernel creator Linus Torvalds.
Tomi Engdahl says:
How SHA-1 Collisions Can Affect Us in Real-World Attacks
https://www.cylance.com/en_us/blog/how-sha-1-collisions-can-affect-us-in-real-world-attacks.html
During the last year, many companies started deprecating usage of SHA-1 in order to prevent any theoretical attack. But, with the proof and real-world attack scenario outlined this week by Google and Centrium Wiskunde, the spotlight is shining once again on SHA-1 collision attacks. The open source code for collision detection is publicly available here. We can no longer say that this type of attack is only theoretical. So, how can we fix the problem?
Tomi Engdahl says:
https://www.theregister.co.uk/2017/02/23/google_first_sha1_collision/