Google researchers have engineered an extremely rare and invisible collision, but they didn’t need the Large Hadron Collider to do it.
That’s because their collision isn’t atomic, it’s cryptographic: after years of trying, Google found a way to crack the SHA-1 cryptographic hash function, a security building block that enables digital signatures and HTTPS encryption.
Cracking SHA-1 requires creating a cryptographic hash collision, which is essentially when a single hash, or “digest” applies to two different files.
“A collision occurs when two distinct pieces of data—a document, a binary, or a website’s certificate—hash to the same digest,” Google explained in a blog post. “In practice, collisions should never occur for secure hash functions. However if the hash algorithm has some flaws, as SHA-1 does, a well-funded attacker can craft a collision.”
The danger of a collision is much the same as weak encryption: hackers could exploit it. In this case, they could use a collision to trick a system into accepting a malicious document or other file using the hash of a benign one.
Google’s collision comes more than 20 years after SHA-1 was first introduced, and suggests that the standard isn’t secure enough to handle sensitive information. To prove their collision, Google’s researchers provided two PDFs that have identical SHA-1 hashes but different content.
“We hope that our practical attack against SHA-1 will finally convince the industry that it is urgent to move to safer alternatives such as SHA-256,” Google wrote.
Other security experts agree: in light of Google’s findings, password management company LastPass said it would be accelerating its retirement of SHA-1. LastPass, the Google Chrome browser, and much of the rest of the Internet is gradually moving to the SHA-256 encryption standard.