The #sha-1 #security standard, widely used in digital certificates, electronic banking, browsers, and other applications is weaker than previously thought and susceptible to attacks that are now well within the resources of criminal groups, an international team of cryptanalysts warned Thursday.
Security #researchers had previously estimated that it would take at least another two years for so-called collision attacks against SHA-1 to become economically feasible for threat actors.
But a new method, developed by researchers Marc Stevens from #cwi — The Netherlands’ national research institute for math and computer science — Pierre Karpman from French counterpart Inria, and Thomas Peyrin from Singapore’s Nayang Technological University, shows the estimates were too conservative.
Leave a reply
