Ethical Hacking Training at InfoSec Institute

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Computer Forensics Computer-Forensics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: SHA1 showing it's age

from [dave kleiman] Network Security [Permanent Link]
Subject: RE: SHA1 showing it's age
Date: Thu, 17 Feb 2005 17:16:44 -0500 
 Has anyone read
http://www.financialcryptography.com/mt/archives/000355.html ??

"""'Addendum: rumours are circulating that the 'break' is only under some
conditions ... the paper explains fully and we haven't seen the paper. See
the below comment from Stefan Brands, and also I noticed some rather caustic
remarks posted anonymously in places. As all SHA1 implementations are tested
against each other, almost by definition, this would intimate that the
attack doesn't work in the field, only in the lab. Still worrying enough to
downgrade SHA-1, as behind every theoretical attack lurks an opportunity for
an economic attack."""""

"""""it seems that Schneier forgot to mention that the paper has a footnote
which says that the attack on full SHA-1 only works if some padding (which
SHA-1 requires) is not done."""""



____________________________________________
Dave Kleiman, CIFI, CISM, CISSP, ISSMP, MCSE

www.SecurityBreachResponse.com



-----Original Message-----
From: H Carvey [mailto:keydet89@yahoo.com]
Sent: Thursday, February 17, 2005 07:54
To: forensics@securityfocus.com
Subject: Re: SHA1 showing it's age

In-Reply-To: <20050217021655.GB2420@sentinelchicken.org>

Tim,


Luckily this (similar to the MD5 issue from last year) has very
little impact on our work in the short term. Proving a collision in a


I am not entirely convinced.  This type of issue, while not a
catastrophic failure of SHA1, does affect data at rest more than it
affects any other uses of hashes.


I'm not sure that I follow the whole "data at rest" issue you've raised.


This issue shouldn't affect things like SSL and hashed passwords, even
when it becomes public (as I understand it).  But it does affect uses
of hashes to guarantee integrity of files on disk.


I'm not sure I follow there, either.  While I can certainly see a denial of
service aspect, in order for that to happen, physical security of the disk
will have to have been compromised...and it's all over anyway.

When I compute hashes with tools I've developed, I like to use both SHA-1
and MD5 hashes, as well as collecting the file size.  The likelihood that
both hashes could be collisions while maintaining recorded file size, and
still do something useful for the attacker (other than DoS) are very slim, I
would think.


While they certainly are far-fetched, it does bolster the notion that
your forensic images had better be well-secured, even if you have hard
copies of all of your hashes in a different location.


As far as forensic images being well-secured...don't we already do that?


True, this would eliminate the attacks in the paper above.  But I also
know of a lot of software that still uses only MD5.  I have met
forensic examiners who have never heard of SHA1.  I took a class from
an EnCase certified instructor who didn't realize that MD5 alone won't
provide integrity against malicious attacks if the hash isn't separated
from the data.  I felt compelled here to try and dissiminate some
crypto knowledge.


I'm sure this is the case, but at the same time, I would (like to) think
that these situations are anomolous, and not the norm.  Such is the case in
many professions...and the instances where these things happen,
professionals are able to deal with them (ie, education, training, etc.).

For the most part, I think that professionals are able to understand the
strengths and weaknesses of the tools they use.


All I am saying here is:  Don't dismiss the issue outright.  We should
keep an eye on the story as it develops, and decide what the
implications information becomes available.


If I'm not mistaken, that's pretty much what Matt said, re: strategic, not
tactical.

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com

-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking
system please see: http://aris.securityfocus.com





-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
[More with this subject...]


<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: SHA1 showing it's age, Surago Jones
Next by Date:  Re: SHA1 and MD5 of passphrases, kumquat
Previous by Thread:  Re: SHA1 showing it's age, Tim
Next by Thread:  RE: SHA1 showing it's age, Surago Jones
Indexes:  [Date] [Thread] [Top] [All Lists]