SHA1 Brute forcing

How much computing power would be required to brute force 2^256 SHA1 hashes within 24 hours?

>SHA1
SHA1 is broken, use SHA8192 instead.

Google published an article about it, but I assume if you have to post this thread you couldn't understand discrete maths.

Well considering sha-1 is only 160 bits, it would be the computing power required to brute force 2^160 SHA-1 hashes when you eliminate all the collisions. Essentially a mapping for the entire function.

That would require more computing power than there currently exists in the universe.

In 24 hours with PURE brute forcing?

Probably close to super computing cluster levels.

that was not the question

Well that fucking sucks.

>2^256 SHA1 hashes
that's a lot of SHA1 hashes

>SHA8192
And if I care about how long it takes to compute the SHA?

If that function existed it probably wouldn't be very expensive to compute, just the way iterative hash functions are computed. Although slower than sha-256/512, not ultra slow.

It would be a storage issue though, each digest taking 1 KiB.

There's no way to answer this question without knowing roughly the length of the decrypted hash. We could be talking about a difference between less than half a second each and greater than the age of the universe.

with or without nsa backdoors?

When you're talking about 2^256 hashes (greater than the size of the digest), you don't even need to crack the hashes. You can just start doing:

>SHA1(1)
>SHA1(2)
>...

Then for each digest, match it to your collection of hashes (which is stored somewhere magic with a capacity of 2^416 bits).

No that's stupid. Step 1 is crawling the target's facebook page to get names and birthdays of relatives to feed into your wordlist.

With 2^256 hashes, you could crawl the entire internet and it's not gonna help you.

Unless of course all these hashes are the same.

>SHA1 is broken
Nice meme. It's still safe from preimage attacks.

It's not though. It's definitely vulnerable to collisions but that isn't the same as completely broken like how MD5 is.

I know how sha is broken through collisions, but what flaws does md5 have?

SHA1 is not broken yet. Google discovered that you can create two files with identical hashes but differing content. You can't just take an existing file and copy the hash onto another file, both files have to be modified. Using it for anything is currently impractical which is why it's not a huge problem yet.

MD5 on the other hand is completely fucked. It's trivial to find collisions that allow anyone to spoof a file to match any other file. It's completely useless except for checking file integrity which is better left to CRC32 anyway.

>You can't just take an existing file and copy the hash onto another file, both files have to be modified
Google took a PDF with a hash and made another one with the same hash. It's exactly as "broken" as MD5 is from a cryptographic point of view.

Brute force what?

What are you doing here? Unchosen collision pairs? Full second-preimages? Partial second-preimages? Dictionary attacks? God help you, first-preimages?
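The collision-versus-preimage distinction argued over in the posts above, as an added example that is not part of any post in the thread: it brute-forces SHA-1 truncated to a few bits, so both searches finish, and reports the hash rate the opening question implies. The function names, the counter-string inputs and the target string are assumptions made for the illustration.

```python
import hashlib

def trunc_sha1(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-1(data) as an integer (a toy, shortened digest)."""
    full = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return full >> (160 - bits)

def find_collision(bits: int):
    """Birthday search: hash SHA1(0), SHA1(1), ... until any two inputs agree.
    Expected work is about 2^(bits/2); pigeonhole caps it at 2^bits + 1."""
    seen = {}
    counter = 0
    while True:
        msg = str(counter).encode()
        h = trunc_sha1(msg, bits)
        if h in seen:
            return seen[h], msg, counter + 1
        seen[h] = msg
        counter += 1

def find_preimage(target: int, bits: int, max_tries: int):
    """Preimage search: hash counters until one matches a FIXED digest.
    Expected work is about 2^bits, the full output space."""
    for counter in range(max_tries):
        msg = str(counter).encode()
        if trunc_sha1(msg, bits) == target:
            return msg, counter + 1
    return None, max_tries

def required_rate(bits: int, seconds: int = 24 * 3600) -> float:
    """Hashes per second needed to evaluate 2^bits inputs in `seconds`."""
    return 2.0 ** bits / seconds

if __name__ == "__main__":
    for bits in (8, 12, 16, 20):
        # Constructed target: digest of a string outside the counter space.
        target = trunc_sha1(b"constructed-target", bits)
        _, _, c_tries = find_collision(bits)
        _, p_tries = find_preimage(target, bits, 2 ** (bits + 6))
        print(f"{bits:2d} bits: collision after {c_tries} hashes, "
              f"preimage after {p_tries} hashes")
    print(f"2^160 hashes in 24 h needs {required_rate(160):.2e} hashes/s")
```

The collision count grows with the square root of the output space while the preimage count grows with the space itself, which is why a practical collision attack does not by itself give a practical preimage attack.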

sha-1 is fine

>You can't just take an existing file and copy the hash onto another file, both files have to be modified.
That is incorrect. For SHA-1, it has been shown that the original file does not need to be modified. See shattered.io

Does anyone know how much extra computing is required to spoof a file using SHA-1 as opposed to MD5?

MD5 is usually referred to as "completely broken". But SHA-1 is now broken in the same way -- so the difference can only be a matter of magnitude in computing power.

Are you literally retarded?

Using a broken crypto is retarded. We should implement SHA3 on every system now that the SHA2 is the next target.

some versions of RSA are broken
does that make RSA obsolete?

It should. I won't use RSA whenever I can because of this.

They are? I thought asymmetrical encryption can't be broken?

engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/

There was another vulnerability where listening to the CPU through a phone's mic could let them crack RSA. It had >2 meters range.

>it has been shown that the original file does not need to be modified
yer full of shit, bud. The file was specially constructed to work. You can't just take any SHA1 hash and generate a file that has a matching hash.

Why are we talking about SHA1 as if it's fucking 2005.

because it's widely used and therefore interesting for attackers

ITT: retards thinking that the CIA/FBI/NSA can't crack any of these

every post in this thread is painful to read

could you please actually understand things before you try to wave your dick around on anonymous imageboards?

Explain it yourself then, nigger.

>LMGTFY
shattered.io/