CWI & Google Unveil Collision Attack on SHA-1 Algorithm

Auteur :

Laatst bijgewerkt: 8 december 2025

CWI & Google Unveil Collision Attack on SHA-1 Algorithm

Marc Stevens (CWI) and Google jointly announce that they have broken the SHA-1 internet security standard in practice.

Today, Thursday 23 February 2017, researchers at the Dutch research institute CWI and Google jointly announce that they have broken the SHA-1 internet security standard in practice. This industry standard is used for digital signatures and file integrity verification, which secure credit card transactions, electronic documents, GIT open-source software repositories and software distribution. CWI cryptanalyst Marc Stevens says: “Many applications still use SHA-1, although it was officially deprecated by NIST in 2011 after exposed weaknesses since 2005. Our result proves that the deprecation by a large part of the industry has been too slow and that migration to safer standards should happen as soon as possible”.

Read the full article HERE

Read More

Scroll naar boven