Bruce Schneier says SHA-1 is broken in a preprint paper from the same Chinese research group that broke MD5 and SHA-0 last year, as noted in our blog post at the time. Watch my delicious linklog for more details as they roll in over the next few days.

Like the earlier attacks, this is a collision attack, not a preimage attack, so it isn’t likely to actually break very many systems. But it’s a big warning sign that we should switch to new algorithms.

This is also definitive evidence that our government’s policies discouraging domestic cryptographic research have backfired, since now some Chinese university researchers are ahead of our own NSA. (*)

(*) Footnote: I believe this to be true because if this were an attack the NSA were aware of, they’d have released a SHA-2, the same way they replaced SHA with SHA-1.

(Change notes: previous version of this post said “they’d be working towards” rather than “they’d have released”, which is clearly an absurd thing to say. Also, it said “would be aware” rather than “were aware”, and “it aided the creation of a SHA-1” rather than “they replaced SHA with SHA-1”; these changes were made for clarity.)