SHA-1 Collision Attack

Google’s Security Team recently disclosed the first known practical attack against SHA-1. SHA-1 (Secure Hash Algorithm 1) is a hashing function that dates back to 1995. Hashing is simply a one-way function (meaning it can’t be reverse-engineered) used to conceal and store data. It goes one step further than just encrypting something. SHA-1 is widely used for securing software, preventing tampering with software updates, and ensuring secure connections between websites and the customers that use them. However, SHA-1 has also been known to be vulnerable to theoretical attacks at least since 2005, and over the past few years Google has called for developers to move to other algorithms.

The new report, released on Thursday, February 23, 2017, shows how security researchers had achieved the first real-world collision attack against the SHA-1 hash function. This means two completely different files (in this case, PDFs) were used to produce the same SHA-1 signature. That’s not supposed to happen; each file should produce it’s own SHA-1 signature, otherwise a “fake” file could pass as the “true”, trusted file.

Authentication hashes with PBKDF2 implemented with SHA-256, not SHA-1 are not vulnerable.   To be safe, HTTPS certificates should utilize SHA-256, not SHA-1.

To be thorough, we are removing the use of SHA-1 in other areas of the product, such as the use of SHA-1 in the signing of the binaries. The risk there is very low and we are progressing with our planned removal of SHA-1 on an accelerated roadmap in the light of this collision report.