Episode 5
March 10, 2017
SHA-1
security
cryptographic hash function
Sergio
This week Morris and Sergio discuss Google’s announcement of a successful collision attack on the SHA-1 cryptographic hash function.
Show Notes
- Cloudbleed and SHA-1 Collision with Max Burkhardt An excellent discussion of the topic on Software Engineering Daily.
- Shattered.it The branded marketing site for this research result. The actual paper is here.
- Cryptographic hash function An excellent Wikipedia article on the topic.
- FNV (Fowler Noll Vo) hash function (Wikipedia)
- Bloom Filters An excellent introduction by Jason Davies.
- SHA-1 Broken A very informative piece by Bruce Schneier from 2005 (12 years ago!). His take on the current announcement: “This is not a surprise."
- Year 2038 Problem (Wikipedia)
- HMAC (Hash-based message authentication code) (Wikipedia)
- Linus Torvalds on how the SHA-1 collision announcement affects git. A more cynical take on the situation.