[193863] in North American Network Operators' Group
Re: SHA1 collisions proven possisble
daemon@ATHENA.MIT.EDU (James DeVincentis via NANOG)
Wed Mar 1 08:28:35 2017
X-Original-To: nanog@nanog.org
Date: Tue, 28 Feb 2017 13:16:23 -0600
To: nanog@nanog.org
In-Reply-To: <20170227141835.GA29888@cmadams.net>
From: James DeVincentis via NANOG <nanog@nanog.org>
Reply-To: James DeVincentis <james.d@hexhost.net>
Errors-To: nanog-bounces@nanog.org
The CA signing the cert actually changes the fingerprint (and serial =
number, which is what is checked on revocation lists), so this is not a =
viable scenario. Beyond that, SHA1 signing of certificates has long been =
deprecated and no new public CAs will sign a CSR and cert with SHA1.
> On Feb 27, 2017, at 8:18 AM, Chris Adams <cma@cmadams.net> wrote:
>=20
> Once upon a time, valdis.kletnieks@vt.edu <valdis.kletnieks@vt.edu> =
said:
>> There's only 2 certs. You generate 2 certs with the same hash, and =
*then* get
>> the CA to sign one of them.
>=20
> The point is that the signed cert you get back from the CA will have a
> different hash, and the things that they change that cause the hash to
> change are outside your control and prediction.
>=20
> --=20
> Chris Adams <cma@cmadams.net>
Even with massive computing power, the tampering is still detectable =
since this attack does not allow for the creation of a hash collision =
from any arbitrary document. It requires specific manipulation of all =
items that result in a collision.
> On Feb 27, 2017, at 7:39 AM, valdis.kletnieks@vt.edu wrote:
>=20
> On Mon, 27 Feb 2017 07:23:43 -0500, Jon Lewis said:
>> On Sun, 26 Feb 2017, Keith Medcalf wrote:
>>=20
>>> So you would need 6000 years of computer time to compute the =
collision
>>> on the SHA1 signature, and how much additional time to compute the
>>> trapdoor (private) key, in order for the cert to be of any use?
>>=20
>> 1) Wasn't the 6000 years estimate from an article >10 years ago?
>> Computers have gotten a bit faster.
>=20
> No, Google's announcement last week said their POC took 6500 CPU-years
> for the first phase and 110 GPU-accelerated for the second phase.
>=20
> You are totally on target on your second point. A million node botnet
> reduces it to right around 60 hours.
