Facebook farewells flaky SHA-1

Facebook has set the date: on September 30, the ancient and creaking SHA-1 hashing algorithm will make its tumbril trip and get the chop. SHA-1, designed by the NSA in 1995, is a one-way algorithm: a block of data is turned into a message digest. The digest can't be turned back into the original message, but serves as a …

  1. Anonymous Coward

    Trust, which trust?

    "If users see disruption – for example, too many “insecure site” warnings – they fear that trust in the Internet will be undermined."

    They must have been living under a rock, if they haven't lost trust in the internet already.

    1. Tomato42

      Re: Trust, which trust?

      It's as if users already weren't trained to click through all the cert warnings by corporate networks and home routers.

    2. MotionCompensation

      Re: Trust, which trust?

      Facebook undermined my trust in the internet. SHA2 won't fix that.

  2. Mr Spuratic

    Crypto pedantry

    Both articles conflate two distinct uses of SHA-1. The CAB Forum are largely concerned with SHA-1 as used in certificate signatures (formally sha1WithRSAEncryption). Separately, SHA-1 or SHA-2 are used in a TLS cipher as a message authentication code (or more correctly, HMAC). HMAC-SHA1, like other HMACs, is not susceptible to collision attacks. That said, RFC 7525 recommends only SHA-2 using ciphers, but leaves SHA-1 using ciphers unchanged (and still mandatory for interop).
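The distinction drawn in the comment above, as an added example that is not part of the original thread: a small audit that keeps the two SHA-1 uses apart, flagging a SHA-1 certificate signature separately from cipher suites whose record MAC is HMAC-SHA1. The function names, the sample suite list and the finding texts are assumptions made for illustration; suite names follow the IANA TLS registry format.

```python
# Added example: separates SHA-1 in certificate signatures from SHA-1 as a TLS MAC.
# AEAD suites carry a trailing hash name too, but it is only the PRF/HKDF hash.
AEAD_MARKERS = ("_GCM_", "_CCM", "_CHACHA20_POLY1305_")
MAC_BY_SUFFIX = {"SHA": "HMAC-SHA1", "SHA256": "HMAC-SHA256",
                 "SHA384": "HMAC-SHA384", "MD5": "HMAC-MD5"}


def suite_mac(suite):
    """Return the record-protection MAC implied by an IANA cipher suite name."""
    if any(marker in suite for marker in AEAD_MARKERS):
        return "AEAD"
    suffix = suite.rsplit("_", 1)[-1]
    return MAC_BY_SUFFIX.get(suffix, "unknown")


def audit(sig_alg, suites):
    """Return (kind, name, note) findings, keeping the two SHA-1 uses distinct."""
    findings = []
    # Certificate signatures depend on collision resistance of the hash.
    if "sha1" in sig_alg.lower():
        findings.append(("certificate", sig_alg,
                         "signature hash is SHA-1: collision attacks apply, reissue"))
    for suite in suites:
        # HMAC does not depend on collision resistance, so this is a separate,
        # lower-severity finding (RFC 7525 preference for SHA-2 suites).
        if suite_mac(suite) == "HMAC-SHA1":
            findings.append(("cipher", suite,
                             "HMAC-SHA1 MAC: not collision-affected, prefer SHA-2 suites"))
    return findings


# Constructed sample input: one certificate signature algorithm and an offered suite list.
SAMPLE_SIG = "sha1WithRSAEncryption"
SAMPLE_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",   # AEAD
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",   # HMAC-SHA256
    "TLS_RSA_WITH_AES_128_CBC_SHA",            # HMAC-SHA1
]

if __name__ == "__main__":
    for kind, name, note in audit(SAMPLE_SIG, SAMPLE_SUITES):
        print(f"{kind:12} {name:40} {note}")
```
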

  3. -tim
    Black Helicopters

    Win/win? for who?

    I can buy an $80 USB device that does 90 billion SHA-2 hashes a second from a bitcoin vendor selling me the slow stuff. What is weak and what is strong is still up in the air. The DES cracker built by EFF did 90 billion keys a second and cost 1/4 million.

    1. Ian Johnston Silver badge

      Re: Win/win? for who?

      Wouldn't that require a processor running at some significant multiple of 90GHz? Not bad for $80.

      1. CaptainBanjax

        Re: Win/win? for who?

        I'm not sure, but bitcoin mining stuff is ASIC based and is geared for the SHA-256 based bitcoin hashes.

        The lowest power stuff is in the measure of 10s of gigahashes per second. An ANTMINER S2 can do 1000 gigahashes per second.

        There is mining kit out there that can do over 3TH/s.

        Not sure if you can rejig a BTC miner for the purposes of bruteforcing garden variety'd be interesting to know if it's possible though.
