1 |
hasufell: |
2 |
> |
3 |
> * there is no known SHA-1 collision afais |
4 |
> * calculating one isn't that hard. NSA might be able to do it in |
5 |
> reasonable time |
6 |
> * however, the algorithms to do that will come up with random garbage, |
7 |
> so it's a completely different thing to hide a useful vulnerability |
8 |
> behind a SHA-1 collision |
9 |
> |
10 |
|
11 |
That said... an attacker who has that much resources to calculate a |
12 |
_random_ hash collision in reasonable time would certainly have a lot of |
13 |
easier attack vectors than forging a _non-random_ hash collision that |
14 |
contains actual working code (which, afaiu doesn't effectively work with |
15 |
the current attack algorithms on SHA-1). |
16 |
|
17 |
He could simply break into one of the ~200 developer computers. There's |
18 |
a pretty high chance at least one of them is running windows or known |
19 |
vulnerable versions of the kernel or other random packages. |
20 |
|
21 |
No need to waste millions of dollars on SHA-1. |