Ask HN: Can we still trust SHA-1 and SHA-2 created by NSA?

8 points by theboywho ↗ HN

11 comments

[ 6.3 ms ] story [ 43.0 ms ] thread
Yes (at least, as much as we could before; SHA1 in particular has been showing weaknesses). They are still the hash functions that have had the most attention from the academic community, and so far no workable attacks have been found.
As much as you could trust them 5 days ago.

While SHA-1 should not be trusted too much because it has shown possible theoretical attacks SHA-2 still holds. Also these kind of things are IP - there are a lot of eyeballs and scrutiny going on.

There is much bigger chance of fraked up implementation that will make it insecure than the theory - there are a lot of independent researchers that have scrutinized them quite a bit. And while I am sure NSA employs a lot of very capable people they do not hold monopoly on world class cryptographers.

SHA-1 should be assumed to be broken in any case.

The Flame malware was distributed using a fake certificate that was generated via a brand new (publicly unknown) chosen prefix collision technique against SHA-1.

Flame used an MD5 collision.
The Microsoft certificate revokation list for Flame:

   Microsoft is providing an update for all supported releases of Microsoft Windows. The update revokes the trust of the following intermediate CA certificates:

   Microsoft Enforced Licensing Intermediate PCA (2 certificates) 
   Microsoft Enforced Licensing Registration Authority CA (SHA1)
(from http://technet.microsoft.com/en-us/security/advisory/2718704)

Two of the certs were MD5, the third was SHA1.

The hash collision exploited by Flame was in MD5, not SHA1.
BCrypt is superior to the SHA family of hash algorithms.

That should be reason enough not to use SHA.

This is a non sequitur. BCrypt isn't an alternative to SHA hashes; it's a password storage construction.
Yes, but you shouldn't anyways; SHA-2 is inferior to SHA-3.

SHA-3 is the product of a peer-reviewed cryptographic contest.

These aren't closed algorithms. They are well understood and explored in-depth by the academic community.