Yes (at least, as much as we could before; SHA1 in particular has been showing weaknesses). They are still the hash functions that have had the most attention from the academic community, and so far no workable attacks have been found.
While SHA-1 should not be trusted too much because it has shown possible theoretical attacks SHA-2 still holds. Also these kind of things are IP - there are a lot of eyeballs and scrutiny going on.
There is much bigger chance of fraked up implementation that will make it insecure than the theory - there are a lot of independent researchers that have scrutinized them quite a bit. And while I am sure NSA employs a lot of very capable people they do not hold monopoly on world class cryptographers.
The Flame malware was distributed using a fake certificate that was generated via a brand new (publicly unknown) chosen prefix collision technique against SHA-1.
The Microsoft certificate revokation list for Flame:
Microsoft is providing an update for all supported releases of Microsoft Windows. The update revokes the trust of the following intermediate CA certificates:
Microsoft Enforced Licensing Intermediate PCA (2 certificates)
Microsoft Enforced Licensing Registration Authority CA (SHA1)
11 comments
[ 6.3 ms ] story [ 43.0 ms ] threadWhile SHA-1 should not be trusted too much because it has shown possible theoretical attacks SHA-2 still holds. Also these kind of things are IP - there are a lot of eyeballs and scrutiny going on.
There is much bigger chance of fraked up implementation that will make it insecure than the theory - there are a lot of independent researchers that have scrutinized them quite a bit. And while I am sure NSA employs a lot of very capable people they do not hold monopoly on world class cryptographers.
http://en.wikipedia.org/wiki/SHA-3
The Flame malware was distributed using a fake certificate that was generated via a brand new (publicly unknown) chosen prefix collision technique against SHA-1.
Two of the certs were MD5, the third was SHA1.
That should be reason enough not to use SHA.
SHA-3 is the product of a peer-reviewed cryptographic contest.