

Researchers at Google Inc. and Centrum Wiskunde & Informatica have managed to achieve a collision attack against SHA-1, proving finally that the commonly used cryptography standard can be easily subverted.
For those who are not aware of the standard, or who understand SHA-1 only in passing, SHA-1 is a cryptographic hash function, a way to compute a short, fixed-size fingerprint of data, designed by the U.S. National Security Agency in 1995. For a time it became the default hash function used on the Internet.
The function itself has long been considered obsolete because it was fairly easy to hack. But what Google and CWI achieved with their collision attack is to prove something that, in their own words, was previously thought to be “computationally infeasible”: they were able to create two messages that produce the same hash.
A collision in this context refers to an event where two separate files or messages produce the same cryptographic hash, or digest. That would allow malicious users to fake authentication as a way to hijack data.
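The consequence described above, as an added example that is not from the original article or the researchers' code: SHA-1 is truncated to 32 bits (an assumption, so that a generic birthday search finishes in about a second) and an HMAC over the digest stands in for a signature. A tag issued for one message verifies for a second, colliding message, and stops verifying once the digest is SHA-256; all names and sample values are constructed.

```python
import hashlib
import hmac

TRUNC_BYTES = 4  # assumption: keep 32 bits of SHA-1 so a generic search finishes quickly

def weak_digest(data: bytes) -> bytes:
    """SHA-1 cut to 32 bits: stand-in for a hash whose collisions are affordable."""
    return hashlib.sha1(data).digest()[:TRUNC_BYTES]

def sha256_digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def find_collision(prefix: bytes = b"constructed-sample-"):
    """Generic birthday search: hash distinct messages until two digests match.
    Expected work is about 2**(bits/2) hashes, roughly 2**16 here."""
    seen = {}
    counter = 0
    while True:
        msg = prefix + str(counter).encode()
        digest = weak_digest(msg)
        if digest in seen:
            return seen[digest], msg, counter + 1
        seen[digest] = msg
        counter += 1

def sign(key: bytes, message: bytes, digest_fn) -> bytes:
    """Toy signature (assumption): a keyed tag over the digest, since real
    signature schemes also sign the hash of a message, not the message."""
    return hmac.new(key, digest_fn(message), hashlib.sha256).digest()

def verify(key: bytes, message: bytes, tag: bytes, digest_fn) -> bool:
    return hmac.compare_digest(sign(key, message, digest_fn), tag)

def demo() -> dict:
    key = b"constructed-demo-key"
    m1, m2, tries = find_collision()
    weak_tag = sign(key, m1, weak_digest)      # issued for m1 only
    strong_tag = sign(key, m1, sha256_digest)  # same message, SHA-256 digest
    return {
        "m1": m1, "m2": m2, "tries": tries,
        "weak_accepts_m2": verify(key, m2, weak_tag, weak_digest),
        "sha256_accepts_m2": verify(key, m2, strong_tag, sha256_digest),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```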
Google and CWI claim that their ability to achieve a collision has practical application, but the research that led to that point, at least on paper, involves some extraordinarily large numbers. For example, to create the collision, 6,500 years of central processing unit computations were required to complete the first attack phase, followed by 110 years of graphics processing unit computations to complete the second phase, totaling nine quintillion SHA-1 computations.
That amount of computing power does come at a cost, but surprisingly not one that high, with the researchers estimating that an attack could be performed using Amazon Web Services Inc.’s cloud computing service for as little as $110,000.
Google, along with other browser makers including the Mozilla Foundation and Microsoft Corp., has promised to phase out support for SHA-1, but those behind the paper want that to occur immediately.
“For the tech community, our findings emphasize the necessity of sunsetting SHA-1 usage,” the Google security team said in a blog post. “Google has advocated the deprecation of SHA-1 for many years, particularly when it comes to signing TLS certificates. As early as 2014, the Chrome team announced that they would gradually phase out using SHA-1. We hope our practical attack on SHA-1 will cement that the protocol should no longer be considered secure. We hope that our practical attack against SHA-1 will finally convince the industry that it is urgent to move to safer alternatives such as SHA-256.”
The research for the paper along with the source code used to perform the collision is due to be released within 90 days, after which the standard will be effectively dead.