The SHA family (SHA stands for Secure Hash Algorithm, according to AbbreviationFinder.org) is a set of related cryptographic hash functions from the US National Security Agency, published by the National Institute of Standards and Technology (NIST). The first member of the family, published in 1993, is officially called SHA. Today, however, it is unofficially called SHA-0 to avoid confusion with its successors. Two years later the first successor to SHA was published under the name SHA-1. Four more variants have been published since then, differing in a somewhat modified design and larger output sizes: SHA-224, SHA-256, SHA-384, and SHA-512 (collectively referred to as SHA-2).
In 1998, an attack on SHA-0 was found that was not recognized as applying to SHA-1. It is unknown whether it was the NSA that discovered it, but the security of SHA-1 was increased.
SHA-1 has been closely scrutinized by the public crypto community, and no effective attack has been found. However, in 2004, a number of significant attacks were reported on cryptographic hash functions with a structure similar to SHA-1; this has raised questions about the long-term security of SHA-1.
SHA-0 and SHA-1 produce a 160-bit digest of a message that can have a maximum size of 2^64 bits, and are based on principles similar to those used by Professor Ronald L. Rivest of MIT in the design of the MD4 and MD5 message digest algorithms.
The SHA-1 hash of the empty string is:
SHA1 (“”) = da39a3ee5e6b4b0d3255bfef95601890afd80709
Attacks against SHA-1
The strength of the SHA-1 algorithm was compromised over the course of 2005. After MD5, among others, was seriously compromised in 2004 by a team of Chinese researchers, SHA-1's days were numbered.
The same team of Chinese researchers, consisting of Xiaoyun Wang, Yiqun Lisa Yin and Hongbo Yu (mainly from Shandong University in China), has shown that they are capable of breaking SHA-1 in at least 2^69 operations, about 2000 times faster than a brute force attack (which would require 2^80 operations). Recent attacks on SHA-1 have weakened it to 2^63.
According to NIST:
“This attack is of particular importance for applications that use digital signatures such as timestamps and notaries. However, many applications that use digital signatures include information about the context that makes this attack difficult to carry out in practice.”
Although 2^63 is still a large number of operations, it is within the limits of current computing capabilities, and it is foreseeable that, as computing power grows and more serious attacks against SHA-1 appear, breaking this function will become trivial.
The importance of breaking a hash function should be understood as follows: a hash allows you to create a theoretically unique fingerprint of a file. If a hash function were broken, there could be another document with the same fingerprint. An analogy would be people who shared the same fingerprints or, worse, the same DNA: there would be no way to tell them apart using these means of identification.
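The brute-force figure of 2^80 for a 160-bit digest follows from the birthday bound. The sketch below is an added example, not part of the original article: it shows the bound at small scale by truncating SHA-1 to a few bits and counting tries until two constructed messages share a fingerprint. The function names and sample messages are assumptions made for illustration.

```python
import hashlib
import itertools


def sha1_truncated(data: bytes, bits: int) -> int:
    """Return the top `bits` bits of SHA-1(data) as an integer."""
    digest = hashlib.sha1(data).digest()           # always 20 bytes = 160 bits
    return int.from_bytes(digest, "big") >> (160 - bits)


def birthday_collision(bits: int):
    """Find two distinct messages whose truncated SHA-1 values match.

    Returns (msg_a, msg_b, attempts). The expected number of attempts is on
    the order of 2**(bits/2); for the full 160 bits that is the 2**80 figure.
    """
    seen = {}                                      # truncated hash -> message
    for counter in itertools.count():
        msg = b"constructed-sample-%d" % counter   # constructed inputs
        tag = sha1_truncated(msg, bits)
        if tag in seen:
            return seen[tag], msg, counter + 1
        seen[tag] = msg


def speedup(brute_exp: int, attack_exp: int) -> int:
    """Speed-up of an attack costing 2**attack_exp over 2**brute_exp."""
    return 2 ** (brute_exp - attack_exp)


if __name__ == "__main__":
    # Digest of the empty message, as quoted in the article.
    print(hashlib.sha1(b"").hexdigest())
    for bits in (16, 24, 32):
        a, b, tries = birthday_collision(bits)
        print(f"{bits}-bit truncation: collision after {tries} tries "
              f"(2^{bits // 2} = {2 ** (bits // 2)}): {a!r} vs {b!r}")
    # The article's "about 2000 times faster": 2^80 / 2^69.
    print("2^80 / 2^69 =", speedup(80, 69))
```

Each extra 8 bits of digest multiplies the collision work by roughly 16, which is why the full 160-bit output was considered safe until attacks cheaper than the birthday bound appeared.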
Although NIST specifies larger SHA functions (for example SHA-512, with a 512-bit output), experts of the stature of Bruce Schneier advocate, without being alarmist, looking for a new standardized hash function to replace SHA-1. The names mentioned in this regard are Tiger, from the creators of Serpent, and WHIRLPOOL, from the creators of AES.