An encryption standard widely used in digitally signing documents and programs has a flaw in it that could allow for the creation of forgeries, sources said Wednesday.
In a three-page research note seen by CNET News.com, three Chinese scientists--Xiaoyun Wang and Hongbo Yu of Shandong University and Yiqun Lisa Yin, a visiting researcher at Princeton University--stated they have found a way to significantly reduce the time required to break an algorithm, known as the Secure Hashing Algorithm, or SHA-1, that is widely used for digitally fingerprinting data files.
Other cryptographers who have seen the document said that the results seemed to be genuine.
"At this point I can't tell if the attack is real, but the paper looks good and this is a reputable research team," Bruce Schneier, a cryptographer and chief technology officer for Counterpane Internet Security, said on his Web site.
An attacker could use the flaw to create two documents or programs that have the same digital fingerprint, also known as a hash; one file could be a legitimate version of the data, while the other could be a forgery. For example, code signing--where a program is posted online along with its SHA-1 fingerprint as a way to guarantee its integrity--would essentially be rendered meaningless by this attack.
This causes problems for digital signatures because signing documents is a two-step process. First, a digital fingerprint, or condensed version of the document, is created. Then public-key encryption is used to sign that hash. If two different documents create the same hash, then the process breaks because no one can prove which document was signed.
The latest attack made use of a cryptoanalysis attack against a similar, but more easily breakable, algorithm known as SHA-0.
While the problems--if confirmed--could lead to SHA-1 being phased out by the government, the effects of the break may not be dire, said Paul Kocher, a cryptographer and president of Cryptography Research.
"This is feasible if you have thousands of computers at your disposal," he said, at his company's booth in the exhibition hall of the RSA security conference in San Francisco. Moreover, the attack is a problem only if an untrustworthy source is generating the data that is being signed. That person could have generated two copies of the data: one public version that will be signed, and a forgery, or malicious version, that will be kept secret.
The break of the full SHA-1 algorithm reduces the complexity of producing a "collision"--or matching hash value--by a factor of about 2,000. If a cluster of computers could handle 1 million hash values every second, it would still take about 19 million years to find two different documents whose digital fingerprints match.
That means the situation is serious but not desperate, Counterpane's Schneier said, adding that companies have about a year before attacks become feasible enough to cause concern.
"The industry will produce better solutions really quick," he said, warning the industry and government not to tarry long. "Remember the motto of the (National Security Agency): Attacks only get better; they never get worse."
Chinese authorities have reportedly taken iPads from a third-party retailer, a move apparently brought on by Apple's continued refusal to honor a trademark for the iPad name owned by a Chinese manufacturer.
NY professor believes that a word-based algorithm can help bring together those who believe, with one glimpse, that they have found and lost the love of their lives.
Along with green-lighting Google's buy of Motorola, the Justice Department today OKs an Apple-Microsoft-RIM partnership deal to buy Nortel patents, and Apple's plan to acquire Novell patents.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
This week, we pass around Sony's new PlayStation Vita for some hands-on testing, check out HP's newest Beats Audio laptop, and debate the best and worst Valentine's Day gadget gifts.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
Digital Encryption Standard (DES) is an encryption standard , where as SHA-1, which has apperantly been broken, is a hashing function.