SHA-1 and MD5 Hashes

Darren Dirt · September 11, 2012, 08:32:26 AM

MDA5 sure, but I thought SHA1 is still pretty good for most non-DoD purposes -- are you sure you're not just thinking of the original SHA-0?

Quote from: http://en.wikipedia.org/wiki/SHA-1#Cryptanalysis_and_validation
The three SHA algorithms are structured differently and are distinguished as SHA-0, SHA-1, and SHA-2. SHA-1 is very similar to SHA-0, but corrects an error in the original SHA hash specification that led to significant weaknesses. The SHA-0 algorithm was not adopted by many applications. SHA-2 on the other hand significantly differs from the SHA-1 hash function.

I still think it's nice to know about an easy-to-find JS version (esp. as part of a larger library of JS functions that might not be standard part of the language nor of jQuery) http://phpjs.org/functions/sha1:512

Mr. Analog · September 11, 2012, 08:38:50 AM

I've used SHA-1 to generate random numbers and the like but I wouldn't actually use it for cryptography...

http://www.schneier.com/blog/archives/2005/02/sha1_broken.html

Thorin · September 11, 2012, 08:39:37 AM

No, the cryptographers have been recommending using SHA256 since I was at Upside (nine years ago!). SHA256 and SHA512 (what they're now recommending) are both part of the SHA-2 specification. I remember reading the NSA is working on an SHA-3 specification that's supposed to increase the complexity by many times, to counteract the faster computing power since SHA-2 came out (2001? 2002?).

Darren Dirt · September 11, 2012, 08:41:43 AM

Well it's weird that the Wikipedia opening paragraph for MD5 makes it really clear that it's broken, and suggests/linksto the SHA-1 article. But on the SHA-1 article it talks about how it is a solution to the problems of SHA-0.

I get the impression that SHA-1 is still fine for something quick and not super-critical like hashing a user's password+salt into your database (rather than MD5)... but it's not like I've spent a bunch of time comparing modern hash algorithms

Even Google has offered its own improvement on what others have been working on: http://google-opensource.blogspot.ca/search/label/cityhash but overall I wonder if most developers just end up using SHA-1 since it's easy to find an implementation and runs not very slow and is way better than MD5?

Quote from: Mr. Analog on September 11, 2012, 08:38:50 AM
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html

"It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn't affect applications such as HMAC where collisions aren't important"

Hmmm... So w/e, thanks for the links guys, interesting to know -- but I don't want this thread to become an encryption discussion

Thorin · September 11, 2012, 08:51:18 AM

Quote from: Darren Dirt on September 11, 2012, 08:41:43 AM
Hmmm... So w/e, thanks for the links guys, interesting to know -- but I don't want this thread to become an encryption discussion

aww but! This is the kind of technical nerdity we can all really sink our teeth into! But yeah, it'd definitely be off-topic.

Darren Dirt · September 11, 2012, 09:12:06 AM

Quote from: Thorin on September 11, 2012, 08:51:18 AM
Quote from: Darren Dirt on September 11, 2012, 08:41:43 AM
Hmmm... So w/e, thanks for the links guys, interesting to know -- but I don't want this thread to become an encryption discussion

aww but! This is the kind of technical nerdity we can all really sink our teeth into! But yeah, it'd definitely be off-topic.

"While SHA-1 has not been compromised in real-world conditions, SHA-256 is not much more complex to code, and has not yet been compromised in any way." http://www.movable-type.co.uk/scripts/sha256.html
okay there, /discussion.

Lazybones · September 11, 2012, 09:14:47 AM

Basically SHA1 has replaced md5 as the CHEAPEST hash for utility tasks, mostly because it is reliably implemented in so many libraries and is readily available.

However that doesn't dismiss the fact that for high security it is weak and should not be used for critical security uses.

Darren Dirt · September 11, 2012, 09:16:39 AM

-moved-

Mr. Analog · September 11, 2012, 09:17:27 AM

C'mon, LinkedIn password hack back in June, obviously a bit more than one point of failure but still a case where SHA-1 was broken to gain info IRL.

http://www.pcworld.com/article/257045/update_linkedin_confirms_account_passwords_hacked.html

Mr. Analog · September 11, 2012, 09:19:19 AM

Split topic for obvious reasons.

Where's the hook? COZ WE OFF IT BOY

Lazybones · September 11, 2012, 09:20:31 AM

Quote from: Mr. Analog on September 11, 2012, 09:17:27 AM
C'mon, LinkedIn password hack back in June, obviously a bit more than one point of failure but still a case where SHA-1 was broken to gain info IRL.

http://www.pcworld.com/article/257045/update_linkedin_confirms_account_passwords_hacked.html

Rainbow tables can be made for any hash, it didn't have anything to do with the sha1 being broken... broken indicates you could simply generate a collision to access the system knowing the hash.

linkedin was all about the weak common passwords lacking salt.

Thorin · September 11, 2012, 10:10:55 AM

Jebus, I ended up on a page describing latent fingerprint examination thanks to this thread.

Darren Dirt · September 11, 2012, 12:02:35 PM

Quote from: Thorin on September 11, 2012, 10:10:55 AM
Jebus, I ended up on a page describing latent fingerprint examination thanks to this thread.

speaking of which: Dark Knight Rises -- Great Movie, or Greatest Movie?

Mr. Analog · September 11, 2012, 12:52:05 PM

Quote from: Darren Dirt on September 11, 2012, 12:02:35 PM
Quote from: Thorin on September 11, 2012, 10:10:55 AM
Jebus, I ended up on a page describing latent fingerprint examination thanks to this thread.

speaking of which: Dark Knight Rises -- Great Movie, or Greatest Movie?

It's the worst period drama I've ever seen.

Thorin · September 11, 2012, 01:27:49 PM

Oh good, we split this from the original thread to keep it and this on topic.