Abacwaningi abavela eFrench National Institute for Research in Informatics and Automation (INRIA) kanye neNanyang Technological University (Singapore) ngcono ku-algorithm ye-SHA-1, eyenza kube lula kakhulu ukwakhiwa kwamadokhumenti amabili ahlukene anamahashi afanayo e-SHA-1. Ingqikithi yendlela ukunciphisa ukusebenza kokukhetha okugcwele kokushayisana ku-SHA-1 kuya , lapho kwenzeka khona ukungqubuzana uma iziqalo ezithile zikhona, kungakhathaliseki ukuthi iyiphi idatha esele kusethi. Ngamanye amazwi, ungakwazi ukubala iziqalo ezimbili ezichazwe ngaphambilini futhi uma unamathisela eyodwa kudokhumenti eyodwa futhi enye kwesesibili, umphumela we-SHA-1 hashes kulawa mafayela uzofana.
Lolu hlobo lokuhlasela lusadinga izibalo ezinkulu futhi ukukhethwa kweziqalo kuhlala kuyinkimbinkimbi kunokukhethwa okuvamile kokungqubuzana, kodwa ukusebenza kahle komphumela kuphezulu kakhulu. Nakuba kuze kube manje indlela eshesha kakhulu yokuthola iziqalo zokushayisana ku-SHA-1 idinga ukusebenza okungu-277.1, indlela entsha yehlisa inani lezibalo kububanzi obusuka ku-266.9 ukuya ku-269.4. Ngaleli zinga le-computing, izindleko ezilinganiselwe zokuhlasela zingaphansi kwezinkulungwane eziyikhulu zamaRandi, okuyinto engaphakathi kwezindlela ze-intelligence ejensi nezinkampani ezinkulu. Ukuze uqhathanise, ukucinga ukushayisana okuvamile kudinga cishe ukusebenza okungu-264.7.
Π Ikhono le-Google lokukhiqiza amafayela e-PDF ahlukene nge-SHA-1 hash efanayo iqhinga elihlanganisa ukuhlanganisa amadokhumenti amabili abe yifayela elilodwa, ukushintsha isendlalelo esibonakalayo bese ugudluza umaki wokukhetha ungqimba endaweni lapho kwenzeka khona ukungqubuzana. Ngezindleko ezifanayo zensiza (i-Google ichithe unyaka yenza ikhompuyutha kuqoqo lama-GPU angu-1 ukuze ithole ukushayisana kokuqala kwe-SHA-110), indlela entsha ikuvumela ukuthi uzuze ukufana kwe-SHA-1 kwamasethi amabili edatha angenangqondo. Ngasohlangothini olusebenzayo, ungalungiselela izitifiketi ze-TLS ezikhuluma ngezizinda ezihlukene, kodwa zibe namahashi afanayo e-SHA-1. Lesi sici sivumela isiphathimandla sokunikeza izitifiketi esingathembekile ukuthi sidale isitifiketi sesiginesha yedijithali, esingasetshenziswa ukugunyaza izitifiketi ezingelona iqiniso ezizindeni ezingafanele. Udaba lungaphinda lusetshenziselwe ukufaka engozini izimiso eziyisisekelo ezithembele ekuziphatheni okungashayisani, njenge-TLS, i-SSH, ne-IPsec.
Isu elihlongozwayo lokusesha iziqalo zokushayisana libandakanya ukuhlukanisa izibalo zibe izigaba ezimbili. Isigaba sokuqala sicinga amabhulokhi asonqenqemeni lokungqubuzana ngokushumeka okuguquguqukayo okungahleliwe kusethi yomehluko wethagethi echazwe ngaphambilini. Esigabeni sesibili, ezingeni lamabhuloki ngamanye, amaketanga omehluko avelayo aqhathaniswa namapheya ezifunda eziholela ekungqubuzaneni, kusetshenziswa izindlela zokuhlaselwa kokukhethwa kokushayisana kwendabuko.
Naphezu kweqiniso lokuthi kungenzeka ithiyori yokuhlaselwa kwe-SHA-1 kwafakazelwa emuva ngo-2005, futhi ngokwenza ukushayisana kokuqala kwaba. ngo-2017, i-SHA-1 isasetshenziswa futhi imbozwe ngamazinga athile nobuchwepheshe (TLS 1.2, Git, njll.). Injongo eyinhloko yomsebenzi owenziwe kwakuwukunikeza enye impikiswano ephoqelelayo yokumiswa ngokushesha kokusetshenziswa kwe-SHA-1, ikakhulukazi ezitifiketini namasiginesha edijithali.
Ukwengeza, kungaphawulwa i-cryptanalysis ye-block ciphers , ithuthukiswe yi-US NSA futhi yagunyazwa njengezinga elijwayelekile ngo-2018 .
Abacwaningi bakwazile ukwenza indlela yokuthola ukhiye oyimfihlo ngokusekelwe kumapheya amabili aziwayo ombhalo osobala kanye ne-ciphertext. Ngezinsiza zekhompuyutha ezilinganiselwe, ukukhetha ukhiye kuthatha amahora ambalwa kuya ezinsukwini ezimbalwa. Izinga lempumelelo yasetiyetha yokuhlasela lilinganiselwa ku-0.25, kanti elisebenzayo lesibonelo esikhona ngu-0.025.
Source: opennet.ru