GOOG Alphabet Inc

By Robert McMillan 

A cryptographic technology long central to internet security has been dealt a knockout blow by researchers at Google and a Dutch research institute.

In a paper to be published Thursday, the researchers demonstrate an attack on an algorithm called SHA-1, which has been widely used over the past 20 years to verify the authenticity of digital documents.

SHA-1 has worked behind the scenes to guarantee that the websites people visit are, in fact, are what they claim to be. It is what is known as a "hash function"--a technique for turning any digital document into a unique 40-digit sequence of letters and numbers. That digital fingerprint serves as a quick way of authenticating digital certificates, passwords, even office documents.

Called a "collision attack," the researchers' technique is something cryptographers have contemplated since 2005, when researchers in China reported the first significant flaws in SHA-1. Until now, "it was only a theoretical attack," said Marc Stevens, a researcher with the Centrum Wiskunde & Informatica in Amsterdam, which collaborated with Alphabet Inc.'s Google unit on the effort. "We actually did it."

Once the most widely used algorithm of its type, SHA-1 is no longer considered state of the art. It hasn't been used in the production of digital certificates for websites since January 2016, and is only "lightly used" by publicly available sites, according to Ivan Ristic, founder of security vendor Qualys Inc.'s SSL Labs. Browser makers are rolling out changes now that mark SHA-1 digital certificates as untrustworthy.

But Mr. Stevens and Elie Bursztein, his collaborator at Google, said the algorithm is still used often, particularly for validating the integrity of documents. Mr. Ristic and other security experts say, for example, that SHA-1 is likely to be found behind corporate firewalls on devices where software upgrades are difficult, such as point-of-sale terminals in retail stores.

In their attack, the researchers were able to create two different documents that generated identical SHA-1 hash values, essentially allowing hackers to swap out an authenticated digital certificate for something else. It is the kind of swap that could trick a computer into believing a malicious website was Google.com or that a virus was legitimate software.

It was no easy feat. It took two years of painstaking mathematical and software development work and close to 7,000 years of chip processing time to crack the code, with CWI contributing the mathematical expertise and a team of collaborators at Google helping with the software and computing power.

The fact that this SHA-1 attack has moved from the realm of the theoretical to the practical is a major development for cryptographers because it is likely the most computationally intensive cryptographic problem ever solved, said Dan Boneh, a computer science professor at Stanford University.

Security professionals need to take note too, he added. "A lot of [chief security officers] in various organizations are going to freak out and they're going to drop what they're doing and they're going to buy new certificates," he said.

Now that they have solved the problem, Messrs. Stevens and Bursztein said they believe that a subsequent attack would take only about a month and cost about $100,000, using publicly available cloud-computing servers. That would put it within range of well-funded adversaries.

Google will wait 90 days before releasing the code behind its attack and it has also developed a free system that will detect use of this technique in files, the company said.

With its $100,000 computational price tag, the SHA-1 attack is unlikely to be widely used, but such advanced techniques have appeared in at least one previous attack. In 2012, Microsoft Corp. disclosed that a collision attack was used to disguise malicious software called Flame as a legitimate program on Windows systems. Flame was eventually linked to a state-sponsored attack on several Middle Eastern countries.

Write to Robert McMillan at robert.mcmillan@wsj.com

(END) Dow Jones Newswires

February 23, 2017 08:14 ET (13:14 GMT)

Alphabet (NASDAQ:GOOG)
Historical Stock Chart
From Mar 2024 to Apr 2024

Alphabet (NASDAQ:GOOG)
Historical Stock Chart
From Apr 2023 to Apr 2024