Google announced last month the first ever collision generated in the SHA-1 cryptographic hashing algorithm. To put it plainly: SHA-1 is no longer secure. Truth be told, theoretical flaws in the algorithm have been known for a long time, which is why Secure Group has already moved on to SHA-2 in the implementation of Off-the-Record (OTR) encryption in our proprietary chat client, Secure Chat. But what does SHA-1’s demise mean for cryptography and security?
To answer this question, you have to understand what hashing is. If you look at cryptography, you can divide it into three different types:
- Symmetric cryptography, where one key is used to both encrypt and decrypt a message.
- Asymmetric, or public key, cryptography, where you have a pair of keys: one to encrypt and one to decrypt.
- Hashing, a kind of one-way cryptography that turns a message into nonsense, with no key to turn it back into plaintext.
What is hashing and why is it necessary?
At first, one might be puzzled as to the purpose of the one-way encryption mentioned above. Making information incomprehensible with no way to revert it to normal may seem like destroying it. But hashing serves an important purpose in cryptography: it guarantees that data is authentic and has not been tampered with.
If you take the sentence “SHA-1 is dead” and run it through the SHA-1 algorithm (talk about rubbing salt in the wound), the output is bb0e03c8c028b203aeed3bb45fd5d33f9cb88887. No matter how many times and under what circumstances you run the same sentence through it, the result will always be the same. But if you modify the input even slightly, the output will be completely different. Change just one character – write SHA-1 without the hyphen – and you get c4b4948c31fa9b4af1ad7152435115c23f75f190. Nothing in it hints that the input is almost identical.
In the digital world, hashing can guarantee that a document has not been modified by a third party. If you send the file together with its hash, the recipient can check whether the hash matches. If someone alters the document even in the slightest way, the hash won't match. In OTR encryption, hashing allows two parties to safely share their session keys over an unsecured channel. Even if intercepted, the hashes cannot be used to derive the original encryption keys.
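As an added example (not code from the original post or from Secure Group), the Python below reproduces the properties described above: the same input always yields the same digest, a one-character edit changes roughly half of the output bits, and a recipient can recompute a file's hash to detect tampering. It runs the same checks with SHA-256, the replacement this post recommends, and uses a constant-time comparison for the verification step; the sample inputs are constructed from the sentence quoted above.

```python
import hashlib
import hmac


def digest(data: bytes, algorithm: str = "sha1") -> str:
    """Hex digest of `data` under the named hashlib algorithm (sha1, sha256, ...)."""
    return hashlib.new(algorithm, data).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """How many bit positions differ between two equal-length hex digests."""
    if len(hex_a) != len(hex_b):
        raise ValueError("digests must come from the same algorithm")
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def verify_document(document: bytes, expected_hex: str, algorithm: str = "sha1") -> bool:
    """Recipient-side integrity check: recompute the hash of the received file and
    compare it with the hash that was sent alongside it. compare_digest avoids
    leaking timing information about where the two strings first differ."""
    return hmac.compare_digest(digest(document, algorithm), expected_hex.lower())


def avalanche_report(original: bytes, modified: bytes, algorithm: str = "sha1") -> dict:
    """Quantify how much the digest changes for a small change in the input."""
    a, b = digest(original, algorithm), digest(modified, algorithm)
    return {"algorithm": algorithm, "digest_a": a, "digest_b": b,
            "bits_differing": differing_bits(a, b), "bits_total": len(a) * 4}


# Constructed sample inputs: the article's sentence and the one-character variant.
ORIGINAL = b"SHA-1 is dead"
MODIFIED = b"SHA1 is dead"

if __name__ == "__main__":
    # Determinism: hashing the same bytes twice always yields the same digest.
    assert digest(ORIGINAL) == digest(ORIGINAL)
    # Avalanche: the one-character edit flips roughly half of the output bits.
    for alg in ("sha1", "sha256"):
        r = avalanche_report(ORIGINAL, MODIFIED, alg)
        print(f"{alg}: {r['bits_differing']}/{r['bits_total']} bits differ")
        print(f"  {r['digest_a']}\n  {r['digest_b']}")
    # Integrity check as the recipient of a file plus its hash would perform it.
    sent_hash = digest(ORIGINAL, "sha256")
    print("untampered verifies:", verify_document(ORIGINAL, sent_hash, "sha256"))
    print("tampered verifies:  ", verify_document(MODIFIED, sent_hash, "sha256"))
```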
What does the SHA-1 collision mean for cryptography?
A collision is a flaw in a hash function that allows two different inputs to produce the same output. This is exactly what Google and CWI Amsterdam achieved with SHA-1. In their attack on the function, they managed to create the same hash from two different PDF files. For the cryptographic community, this news had been a long time coming. Theoretical weaknesses in the algorithm were uncovered in 2005, and since 2010 many organizations have stopped supporting it (Secure Group included).
The problem is that SHA-1 had a rather long run as the industry standard. There are various legacy systems that cannot migrate fast enough to a newer and superior option like SHA-2. The version control system Git is one example. Internet browsers also trust certificates signed with SHA-1 to determine whether a website is legitimate. Mozilla and Chrome have started to reject such certificates since the start of this year, but Internet Explorer has postponed that move until mid-2017.
As I already mentioned, Secure Group switched to SHA-2 for Secure Chat years ago. It is our vision that privacy can be guaranteed only by the best encryption technology, and a hash function first released in 1995 just ain’t it anymore in 2017. And while SHA-2 is good for the time being, we are already looking for alternatives to replace it with, so that the security of our users' messages won’t be compromised by dated cryptography anytime soon.