On Mon, 2020-11-02 at 12:53 +0100, Neal H. Walfield wrote:
> Hi,
>
> It's well known that SHA-1 is broken. I don't want to save it. But, particularly when dealing with data at rest, there are cases where one has to use SHA-1. It would be nice if Nettle integrated SHA-1 collision detection to make that a tiny bit safer:
>
> https://github.com/cr-marcstevens/sha1collisiondetection
>
> That library is under the MIT license, and apparently detects known attacks against SHA-1:
>
>   [The routines] will compute the SHA-1 hash of any given file and additionally will detect cryptanalytic collision attacks against SHA-1 present in each file. It is very fast and takes less than twice the amount of time as regular SHA-1.
>
>   More specifically they will detect any cryptanalytic collision attack against SHA-1 using any of the top 32 SHA-1 disturbance vectors with probability 1: ...
>
>   The possibility of false positives can be neglected as the probability is smaller than 2^-90.
>
> Thanks,
>
> :) Neal

This change would have to be conditional as it will break compatibility for the very use case you mention, data at rest saved moons ago.
Simo.