{"id":2362,"date":"2017-02-24T02:11:24","date_gmt":"2017-02-24T01:11:24","guid":{"rendered":"http:\/\/borncity.com\/win\/?p=2362"},"modified":"2017-02-24T02:12:06","modified_gmt":"2017-02-24T01:12:06","slug":"warning-sha1-has-been-hacked-successfully","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2017\/02\/24\/warning-sha1-has-been-hacked-successfully\/","title":{"rendered":"Warning: SHA1 has been hacked successfully"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">Google announced that Cryptographic hash function SHA-1 has been successfully hacked. It was possible to create two distinct PDF documents with the same SHA-1 hash code.<\/p>\n<p><!--more--><\/p>\n<p>Hash codes are used in browser security,&nbsp; file security and more. If a file or a message uses a hash code, it should prove, that the content wasn't altered. But there are several hash algorithms, some are weak and some are hackable. MD5 has been quoted as \"unsecure\" for hash functions sind years. SHA-1 has been the next candidate \u2013 and security researchers proposed, that this hash code function will be hacked somewhere in 2017. Therefor browser developers has begun to remove support for SHA-1 in 2017. <\/p>\n<p><img decoding=\"async\" src=\"https:\/\/3.bp.blogspot.com\/-Ca6n5XsDQU4\/WK6ljCSebeI\/AAAAAAAAAa4\/MXeyy0z13yIqp9DEWVLiqjJ_xSP2u7YOgCLcB\/s640\/Collision-illustrated.png\"><br \/>(Source: Google)<\/p>\n<p>Now Google announced <a href=\"https:\/\/security.googleblog.com\/2017\/02\/announcing-first-sha1-collision.html\" target=\"_blank\">the first SHA1 collision<\/a>. Together with <a href=\"https:\/\/www.cwi.nl\/\" target=\"_blank\">CWI Institute in Amsterdam<\/a> security researchers was able to generate a SHA-1 hash collision. As a proof of the attack, we are releasing two PDFs that have identical SHA-1 hashes but different content. So&nbsp; SHA-1 is unsecure from this moment on and shouln't be used. More details may be read at <a href=\"https:\/\/arstechnica.com\/security\/2017\/02\/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead\/\" target=\"_blank\">this Arstechnica article<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google announced that Cryptographic hash function SHA-1 has been successfully hacked. It was possible to create two distinct PDF documents with the same SHA-1 hash code.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[71,580],"tags":[69,684],"class_list":["post-2362","post","type-post","status-publish","format-standard","hentry","category-computer","category-security","tag-security","tag-sha1"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2362","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=2362"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2362\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=2362"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=2362"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=2362"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}