2

Given that Google have found a collision for the SHA-1 algorithm, does this imply that any passwords which are hashed using SHA-1 are broken?

(Note that this question is mostly to allow for searches looking for details about the SHA-1 case to return sensible results - see the dupe for the details)

Matthew
  • 27,263
  • 7
  • 89
  • 101

1 Answers1

4

No more than they were already. The method of generating the collision demonstrated requires the ability to modify and insert relatively large volumes of data, in both colliding files. In other words, you can generate a pair of colliding files, but not generate a collision with an arbitrary file, using this specific method. In password terms, this means that unless you used a password supplied by an attacker, which is several kb long, the attacker wouldn't be able to use their own password (also several kb long) to access your account through a hash collision. Obviously, in this case, they could also just use the password they gave you.

However, any passwords which are hashed with SHA-1 should be considered as insecurely stored anyway - modern hardware means that it is possible to try hundreds of thousands of potential passwords, even if salted, per second. Hashing algorithms designed for password storage slow down this testing process massively, which also makes finding potential collisions much slower.

Matthew
  • 27,263
  • 7
  • 89
  • 101