It looks like SHA-1 has been further broken, allowing the attacker to choose some of the text in the collision. "Cryptographic experts at the Crypto 2006 conference have demonstrated a modified method of attack against a reduced variant of the SHA-1 hash algorithm. The new method is an attack which, for the first time, allows at least a part of the message to be freely selected, for example as straight text. Previous approaches, for example the collision attack by Xiaoyun Wang and her team, which attracted considerable attention, were merely able to produce almost completely different hash twins of the same length, both consisting of meaningless gibberish." |