| 1 |
hasufell: |
| 2 |
> |
| 3 |
> * there is no known SHA-1 collision afais |
| 4 |
> * calculating one isn't that hard. NSA might be able to do it in |
| 5 |
> reasonable time |
| 6 |
> * however, the algorithms to do that will come up with random garbage, |
| 7 |
> so it's a completely different thing to hide a useful vulnerability |
| 8 |
> behind a SHA-1 collision |
| 9 |
> |
| 10 |
|
| 11 |
That said... an attacker who has that much resources to calculate a |
| 12 |
_random_ hash collision in reasonable time would certainly have a lot of |
| 13 |
easier attack vectors than forging a _non-random_ hash collision that |
| 14 |
contains actual working code (which, afaiu doesn't effectively work with |
| 15 |
the current attack algorithms on SHA-1). |
| 16 |
|
| 17 |
He could simply break into one of the ~200 developer computers. There's |
| 18 |
a pretty high chance at least one of them is running windows or known |
| 19 |
vulnerable versions of the kernel or other random packages. |
| 20 |
|
| 21 |
No need to waste millions of dollars on SHA-1. |
Archives