Cov kws tshawb fawb los ntawm Fabkis National Institute rau Kev Tshawb Fawb hauv Informatics thiab Automation (INRIA) thiab Nanyang Technological University (Singapore) txhim kho mus rau SHA-1 algorithm, uas yooj yim heev rau kev tsim cov ntaub ntawv sib txawv nrog tib SHA-1 hashes. Lub ntsiab lus ntawm txoj kev yog txo qis kev ua haujlwm ntawm kev xaiv kev sib tsoo tag nrho hauv SHA-1 rau , nyob rau hauv uas muaj kev sib tsoo tshwm sim thaum muaj qee qhov prefixes tam sim no, tsis hais tus so ntawm cov ntaub ntawv hauv cov txheej txheem. Hauv lwm lo lus, koj tuaj yeem suav ob lub npe ua ntej thiab yog tias koj muab ib qho rau ib daim ntawv thiab lwm qhov mus rau ib qho thib ob, qhov tshwm sim SHA-1 hashes rau cov ntaub ntawv no yuav zoo ib yam.
Hom kev tawm tsam no tseem xav tau cov kev suav loj loj thiab kev xaiv cov ntawv ua ntej tseem nyuaj dua li kev xaiv kev sib tsoo ib txwm, tab sis qhov kev ua tau zoo ntawm qhov tshwm sim yog ntau dua. Whereas txog tam sim no txoj kev ceev tshaj plaws rau kev nrhiav kev sib tsoo ua ntej hauv SHA-1 xav tau 277.1 kev ua haujlwm, txoj kev tshiab txo cov lej ntawm kev suav mus rau thaj tsam ntawm 266.9 txog 269.4. Nrog rau qib kev suav no, kwv yees tus nqi ntawm kev tawm tsam yog tsawg dua li ib puas txhiab daus las, uas yog qhov zoo nyob rau hauv cov koom haum txawj ntse thiab cov tuam txhab loj. Rau kev sib piv, nrhiav kev sib tsoo tsis tu ncua yuav tsum muaj kwv yees li 264.7 kev ua haujlwm.
Π Google muaj peev xwm tsim cov ntaub ntawv PDF sib txawv nrog tib SHA-1 hash ib qho kev ua kom yuam kev suav nrog kev sib koom ua ke ob cov ntaub ntawv rau hauv ib cov ntaub ntawv, hloov cov txheej txheem pom thiab hloov cov txheej txheem xaiv rau thaj chaw uas muaj kev sib tsoo. Nrog rau cov peev txheej zoo sib xws (Google siv ib xyoos ntawm kev suav ntawm ib pawg ntawm 1 GPUs kom pom thawj SHA-110 kev sib tsoo), txoj kev tshiab tso cai rau koj kom ua tiav SHA-1 match rau ob qhov kev txiav txim siab cov ntaub ntawv. Ntawm qhov ua tau zoo, koj tuaj yeem npaj TLS daim ntawv pov thawj uas hais txog cov npe sib txawv, tab sis muaj tib yam SHA-1 hashes. Qhov no feature tso cai rau ib tug unscrupulous daim ntawv pov thawj txoj cai los tsim ib daim ntawv pov thawj rau ib tug digital kos npe, uas yuav siv tau los tso cai tsis tseeb daim ntawv pov thawj rau arbitrary domains. Qhov teeb meem kuj tseem tuaj yeem siv los cuam tshuam cov txheej txheem uas tso siab rau kev sib tsoo, xws li TLS, SSH, thiab IPsec.
Cov tswv yim npaj rau kev tshawb nrhiav ua ntej rau kev sib tsoo yuav tsum faib cov kev suav ua ob theem. Thawj theem tshawb nrhiav cov blocks uas nyob rau ntawm verge ntawm kev sib tsoo los ntawm embedding random chain variables rau hauv lub hom phiaj sib txawv ua ntej. Nyob rau theem thib ob, nyob rau theem ntawm ib tus neeg blocks, cov txiaj ntsig ntawm kev sib txawv yog muab piv nrog cov khub ntawm lub xeev ua rau kev sib tsoo, siv cov txheej txheem ntawm kev xaiv kev sib tsoo tsoos.
Txawm hais tias qhov tseeb tias qhov kev xav tau ntawm kev tawm tsam ntawm SHA-1 tau raug pov thawj rov qab rau xyoo 2005, thiab hauv kev xyaum thawj kev sib tsoo yog Xyoo 2017, SHA-1 tseem siv tau thiab tau them los ntawm qee cov qauv thiab thev naus laus zis (TLS 1.2, Git, thiab lwm yam). Lub hom phiaj tseem ceeb ntawm txoj haujlwm ua tiav yog los muab lwm qhov kev sib cav sib ceg rau kev tso tseg tam sim ntawm kev siv SHA-1, tshwj xeeb tshaj yog hauv daim ntawv pov thawj thiab kos npe digital.
Tsis tas li ntawd, nws tuaj yeem raug sau tseg cryptanalysis ntawm block ciphers , tsim los ntawm US NSA thiab pom zoo raws li tus qauv hauv 2018 .
Cov kws tshawb fawb muaj peev xwm tsim tau ib txoj hauv kev kom rov qab tau tus yuam sij ntiag tug raws li ob qho kev paub ntawm cov ntawv dawb thiab ciphertext. Nrog rau kev siv nyiaj tsawg, xaiv tus yuam sij yuav siv sij hawm los ntawm ob peb teev mus rau ob peb hnub. Qhov kev vam meej theoretical ntawm qhov kev tawm tsam yog kwv yees ntawm 0.25, thiab qhov ua tau zoo rau tus qauv uas twb muaj lawm yog 0.025.
Tau qhov twg los: opennet.ru