German text:

http://www.heise.de/newsticker/meldung/77235


Babelfish-translated to English:

Hash function SHA-1 in distress

Crypto experts demonstrated an extended attack method against a reduced
variant of the hash algorithm SHA-1 at the Crypto 2006 conference. The new
method is the first attack in which at least part of the message can be freely
chosen, for example as plain text. Previous approaches, such as the sensational
collision attack by Xiaoyun Wang and her coworkers, could produce only almost
completely different hash twins of the same length, consisting of nonsense.

The demonstration was limited to the reduced SHA-1 variant with 64 steps, but
according to the experts' estimate it can also be generalized to the regular
80-step variant. SHA-1 would thus also have to be regarded as broken in
principle. Christian Rechberger, who developed the new attack together with his
colleague Christophe De Cannière, told heise Security that in their experiments
up to a quarter of the message could be freely chosen. The remaining 75 per
cent is still dictated by the attack. Rechberger assumes, however, that the
freely selectable portion can be increased by further optimization of the
attack.

With the latest advance, at least the attacks against step-reduced SHA-1
variants now reach the same level as, for example, the attacks against the
older MD5 algorithm. The most successful SHA-1 attack to date, by Wang, has so
far remained without consequences for practice, since the hash twins produced
were always completely illegible. With the method now presented, however, two
HTML documents could for example be produced that have a long meaningless part
after the closing tag and that possess the same hash value, despite a slightly
different HTML part, thanks to the adapted appendix.

SHA-1 is still the most widely used hash algorithm of all, although rapid
progress in attacks on SHA-1 has been apparent for some time. The successful
generalization of the new attack method to the unreduced standard SHA-1 is
still pending, but it is now high time to find a suitable successor. One
possible way is a public call, as was successfully practiced in 1997 with the
successor of the ailing encryption algorithm. Until a new standard is found,
safer alternatives such as SHA-256 or SHA-512 can at least raise the bar for
attacks. Because of the longer hash values, the actual collision computations
are much more complex than with the 160-bit predecessor.



