It is a consistent effort to ensure that a business’s or organisation’s digital security efforts remain robust in an ever-changing landscape. Hackers are constantly finding new ways to penetrate the rigid walls of security and it is ever so crucial to be steadfast and prepared for such attacks. It is also important to ensure that the security features used are accurate and functional.
As such, cryptographic experts from the Nanyang Technological University, Singapore (NTU Singapore) and the French national research institute for digital sciences INRIA in Paris have revealed a critical security flaw in a commonly used security algorithm called SHA-1. It allows hackers to create hoax files and data, under the false pretences of authentic information.
The researchers working on this have established that the use of SHA-1 as a security algorithm should be boycotted and that companies have to refrain from using it.
SHA-1 is a hash function and can be understood to be a building block in cryptography, used in almost every digital authentication process. It supports the security of many digital applications in internet banking, web-based communications, and payment portals of online shopping sites.
The hash function of this algorithm produces a short digital fingerprint, called a hash value, out of a long input message.
If an attacker finds it challenging to find two different inputs that lead to identical has values, the hash function will be considered to be secure. If two different inputs share the same value, it is said that a ‘collision’ has occurred.
SHA-1 was developed by the United States’ National Security Agency (NSA) in the early 1990s. It has been widely integrated into several pieces of software and it continues to be used extensively. It, however, has come under the security by researchers who questioned its validity.
This was especially the case in 2005 when a range of security flaws was theorised and discovered within SHA-1. Recently in 2017, academics from the Dutch research institute Centrum Wiskunde & Informatica (CWI) and Google had created the first practical SHA-1 hash collision. They displayed that it was possible to discover two different input messages that produced the same SHA-1 hash value.
This research work saw the use of a large Google-hosted graphics processing units (GPU) cluster but it did not allow for input messages to be modified according to preference.
Back in May 2019, NTU’s Associate Professor Thomas Peyrin at the School of Physical and Mathematical Sciences and INRIA’s Dr Gaëtan Leurent, used enhanced mathematical procedures to create the first-ever ‘chosen-prefix collision attack’ for SHA-1.
They have now improved it such as to use a cluster of 900 GPUs. The GPUs were run over two months and have successfully shown that this method is able to disrupt the SHA-1 algorithm. The information on this has been published in a paper on the International Association for Cryptologic Research e-print site.
NTU Assoc Prof Peyrin and Dr Leurent had presented their findings at the Real World Crypto Symposium held in New York City, in January this year. They advised that the use of SHA-1 poses as a high threat to users due to its vulnerability to attacks, regardless of whether its use is low or only for backward compatibility. They stressed the critical need to fully phase out SHA-1 as soon as possible.
Both the researchers displayed the findings with the use of a chosen-prefix collision which specifically attacked a type of file called a PGP/GnuPG certificate. This form of certificate is a digital proof of identity that depends on SHA-1 as a hash function.
This demonstration showed that a chosen-prefix collision attack confirms that it is possible to forge specific digital documents, such that they have a correct fingerprint and be shown to be authentic with using SHA-1.
SHA-1 is gradually being removed from the industry but SHA-1 algorithm is still being in several applications. The algorithm now presents itself to be insecure and researchers hope that system owners will act promptly to phase out the use of the SHA-1 algorithm.
Assoc Prof Peyrin explained that a chosen-prefix collision attack signifies that an attacker can commence an attack with any first part of the two messages and subsequently amend the rest. Despite this, the fingerprint values produced remain the same and will still collide.
“As a result of our work, developers of software packages dealing with digital certificates have in the last few months already applied counter-measures in their last versions, treating SHA-1 as insecure,” he added. The hope in place is that the publication of the study will push the industry to steer away from the use of weak cryptographic functions.
Additionally, the newer has functions, such as those from the SHA-2 family of hash functions created in 2001 remain unaffected by the attack.
Assoc Prof Peyrin and his team have a vision to further boost digital security standards used in other everyday digital products and services. “Moving forward, we will continue to analyse the algorithms that keep our everyday digital applications secure as more services around the world become digitised,” he said.
