So google actually performed an SHA-1 collision !

Quoting from the post as such , “Today, more than 20 years after of SHA-1 was first introduced, we are announcing the first practical technique for generating a collision. ” What really blows my mind is the amount of computational resources that went into actually making sure that they could generate a collision.


A few numbers about that :

  • Nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total
  • 6,500 years of CPU computation to complete the attack first phase
  • 110 years of GPU computation to complete the second phaseI still remember going through the MD5 method back in college , and thinking to myself , what is the degree of improvements that current methods have over the MD5 . I encountered the SHA1 then and remember thinking that it was a pretty solid fix.

    That being said , it is important to keep in mind that cryptography is always a cat and mouse game . The harder people try to protect their data and privacy with world class standards, the other side will try equally harder , if not more , to come up with methods to crack said standards. And that , I think , is the beauty of it . A constant struggle to beat the odds.

    Link to full article :




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s