The Secure Hash Algorithm (SHA-1), previously thought of as virtually unbreakable, has been cracked by a research team from China.
The team, from Shandong University, the Chinese Academy of Sciences and Shanghai Jiaotong University, has proven SHA-1, used in the generation of digital signatures, can be compromised by a supercomputer.
"This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result," said cryptographic expert Bruce Schneier in his weblog. "It pretty much puts a bullet into SHA-1 as a hash function for digital signatures."
It was believed that some 2^80 operations would be needed to achieve a match (known as a collision). The research proves that a collision can be achieved at the much lesser figure of 2^69. A number that, although large, is breakable with today's computer technology.
Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu, who cracked SHA-1, last year released a paper discussing ways to compromise MD-4, MD-5, HAVAL and RIPEM-D, a group of other well-known algorithms.
