This post originated from an RSS feed registered with Agile Buzz by James Robertson.
Original Post: SHA-0 broken?
Feed Title: Michael Lucas-Smith
Feed URL: http://www.michaellucassmith.com/site.atom
Feed Description: Smalltalk and my misinterpretations of life
You may have heard by now that SHA-0 has been "broken" and that MD5 is rumoured to be "broken" as well. What does this actually mean?
There are two main properties behind a modern hash such as SHA-0, SHA-1 or MD5:
1. Hashing should be one-way: once content has been hashed, you should never be able to 'undo' the hash and recover the content.
2. The likelihood of two different pieces of content producing the same hash should be very, very low, and hash values should be randomly distributed.
In the case of SHA-0 being "broken", it is point 2 that is now flawed: they have found two inputs that produce the same output. They did it using a generalised mathematical technique, which means that, given one hash, they can generate a new piece of content that will produce the same hash, given 80,000 CPU cycles.
Effectively, if you store a username+password combination as an SHA-0 hash in your database and use it to check whether somebody logging in is valid, and a hacker somehow gets access to the hashes you have stored, they will be able to generate (after lots of CPU work) a new username+password combination (not the original) that produces the same hash and lets them log in to your system.
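To make the two properties and the login scenario concrete, here is an added Python example (my own illustration, not code from the original post). It uses a constructed 16-bit toy hash (SHA-256 truncated to 16 bits) so that both searches finish instantly; real digests are 128 bits and up, which is the only thing standing between this demo and a practical attack. It shows the difference a defender should keep in mind: finding any two colliding inputs of the attacker's own choosing (a birthday search, about 2^(n/2) work) is far cheaper than matching one fixed stored hash with a different input (a second preimage, about 2^n work), which is the scenario the post describes. It then shows the naive "hash the credentials and compare" check accepting the forged credentials, and the hardened store a practitioner would use instead: a per-user random salt plus a slow, iterated hash built on an unbroken primitive (PBKDF2-HMAC-SHA256, with an assumed work factor of 100,000 rounds) compared in constant time. The sample credential `alice:correct horse` and the `msg-`/`alice:` candidate prefixes are constructed for the demo.

```python
from __future__ import annotations

import hashlib
import hmac
import os

# Constructed for the demo: a 16-bit hash is small enough that both searches
# below finish in well under a second. Real digests are 128 bits and up.
TOY_BITS = 16
PBKDF2_ROUNDS = 100_000  # assumed work factor for the hardened store


def toy_hash(data: bytes) -> int:
    """Truncate SHA-256 to TOY_BITS bits. Demo only: 2**16 outputs are searchable."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - TOY_BITS)


def find_collision() -> tuple[bytes, bytes, int]:
    """Point 2 (collision resistance): find ANY two distinct inputs with the
    same hash. Because both inputs are the attacker's choice, a birthday-style
    search only needs roughly 2**(TOY_BITS/2) attempts."""
    seen: dict[int, bytes] = {}
    for i in range(2**TOY_BITS + 1):  # pigeonhole: a repeat is guaranteed
        msg = f"msg-{i}".encode()
        h = toy_hash(msg)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    raise AssertionError("unreachable: more inputs than hash values")


def find_second_preimage(target: bytes, prefix: bytes) -> tuple[bytes, int]:
    """The scenario in the post: one hash is fixed (the stored one) and we need a
    DIFFERENT input that matches it. Expected cost is about 2**TOY_BITS attempts,
    the square of the collision search, because the target may not be changed."""
    want = toy_hash(target)
    i = 0
    while True:
        cand = prefix + str(i).encode()
        if cand != target and toy_hash(cand) == want:
            return cand, i + 1
        i += 1


def naive_verify(stored: int, credentials: bytes) -> bool:
    """Unsalted 'hash the credentials and compare' login check. Any input that
    hashes to the stored value is accepted, original credentials or not."""
    return toy_hash(credentials) == stored


def hardened_store(credentials: bytes) -> tuple[bytes, bytes]:
    """Defender's version: per-user random salt and a slow, iterated hash built on
    an unbroken primitive (PBKDF2-HMAC-SHA256), so a leaked table cannot be
    attacked cheaply and the SHA-0/MD5 collision results do not apply."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", credentials, salt, PBKDF2_ROUNDS)
    return salt, dk


def hardened_verify(salt: bytes, dk: bytes, credentials: bytes) -> bool:
    """Recompute with the stored salt; constant-time compare avoids timing leaks."""
    cand = hashlib.pbkdf2_hmac("sha256", credentials, salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(cand, dk)


def demo() -> dict[str, object]:
    a, b, collision_tries = find_collision()
    real = b"alice:correct horse"  # constructed sample credential
    stored = toy_hash(real)
    forged, preimage_tries = find_second_preimage(real, b"alice:")
    salt, dk = hardened_store(real)
    return {
        "collision": (a, b, collision_tries),
        "forged_credentials": forged,
        "second_preimage_tries": preimage_tries,
        "forged_login_accepted": naive_verify(stored, forged),
        "hardened_accepts_real": hardened_verify(salt, dk, real),
        "hardened_accepts_forged": hardened_verify(salt, dk, forged),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

Running `demo()` prints the collision pair, the forged `alice:<number>` credential that the naive check accepts, and `True`/`False` for the hardened check on the real and forged credentials. The tries counts are the part worth watching: the collision turns up after a few hundred attempts, the second preimage after tens of thousands, and with a real-width digest that gap is what separates a published collision from the "log in with forged credentials" scenario.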