NSA's SHA-1 Hash Broken


From the Slashdot (*duck*) article.
"From Bruce Schneier's weblog: 'SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing. The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper announcing their results...'" Note, though, that Schneier also writes "The paper isn't generally available yet. At this point I can't tell if the attack is real, but the paper looks good and this is a reputable research team."

For reference:
SHA-1 is RFC 3174
Wikipedia Entry: http://en.wikipedia.org/wiki/SHA-1
NIST Summary: http://www.itl.nist.gov/fipspubs/fip180-1.htm

SHA-1 is generally considered to be one of the most secure hashes available (invented by the NSA, IIRC).

One of the major factors is that SHA is used for password hashes in a huge number of applications. A hash is supposed to be infeasible to reverse back to the original plain text. That is why it is used for password storage: because the hash cannot be reversed, getting hold of the password table does an attacker no good. To check a password, when one is entered for authorization you hash it again and see whether the result matches the stored hash.

Example hash: The quick brown fox jumps over the lazy dog = 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12

Multiple inputs can produce the same SHA-1 output, just as with MD5. All you have to do is get a match and you've effectively guessed someone's password: if you're at a login and "dogs" and "elephants" produce the same hash, it doesn't matter that your password is really the first, as the second will work.
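The password flow described above, as an added example in Python that is not part of the original post: the SHA-1 of the post's sample sentence is checked against the digest quoted, a constructed password table stores only SHA-1 digests and verifies a login by re-hashing, and `inputs_accepted` makes explicit that the check compares digests only, so any input producing the stored digest is accepted. Going beyond the post, the second half stores the same passwords with a per-user random salt and an iterated hash (PBKDF2-HMAC-SHA256 from the standard library), which is how a practitioner would store passwords today; the record format `pbkdf2_sha256$iterations$salt$hash` and the user names and passwords are constructed for this example. Note that the result announced here is a collision (two chosen inputs with the same hash), which is a weaker capability than finding a second input for a digest an attacker already holds.

```python
import hashlib
import hmac
import os
from typing import Iterable, List, Optional


def sha1_hex(text: str) -> str:
    """Hex SHA-1 digest of a UTF-8 string, as in the post's example."""
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


# --- The scheme the post describes: store only the SHA-1 digest ---

def store_sha1(password: str) -> str:
    """Keep the digest, never the plain text."""
    return sha1_hex(password)


def check_sha1(stored_digest: str, candidate: str) -> bool:
    """Hash the entered password again and compare with the stored digest.
    Only digest equality is checked, so any input with that digest passes."""
    return hmac.compare_digest(stored_digest, sha1_hex(candidate))


# Constructed password table (hypothetical users and passwords).
USERS = {
    "alice": store_sha1("correct horse"),
    "bob": store_sha1("elephants"),
}


def login(user: str, password: str) -> bool:
    """Authorization check against the constructed table."""
    stored = USERS.get(user)
    return stored is not None and check_sha1(stored, password)


def inputs_accepted(stored_digest: str, candidates: Iterable[str]) -> List[str]:
    """Every candidate the check would accept for a stored digest: exactly
    those whose SHA-1 equals it, which is why a colliding input is enough."""
    return [c for c in candidates if check_sha1(stored_digest, c)]


# --- Beyond the post: per-user salt plus an iterated hash (PBKDF2-HMAC-SHA256) ---
# Record format is constructed for this example: "pbkdf2_sha256$iterations$salt_hex$hash_hex".

def store_pbkdf2(password: str, iterations: int = 200_000,
                 salt: Optional[bytes] = None) -> str:
    """Random 16-byte salt per record, so equal passwords give different records."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def check_pbkdf2(record: str, candidate: str) -> bool:
    """Re-derive with the salt and iteration count stored in the record."""
    algo, iterations, salt_hex, hash_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False  # unknown record format: refuse rather than guess
    dk = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), hash_hex)


if __name__ == "__main__":
    print(sha1_hex("The quick brown fox jumps over the lazy dog"))
    print(login("bob", "elephants"), login("bob", "dogs"))
    rec = store_pbkdf2("elephants")
    print(rec)
    print(check_pbkdf2(rec, "elephants"), check_pbkdf2(rec, "dogs"))
```

Both checks use `hmac.compare_digest` rather than `==` so that comparison time does not depend on where the digests first differ; the salted record is the part that actually changes the risk, since it stops one precomputed table from covering every user with the same password.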