Reports that Professor Wang Xiaoyun of Shandong University has cracked MD5 and SHA-1 have made people worry about the security of electronic information. What is the truth?
Ask people what matters most in their everyday lives and what gives them the biggest headache, and many, I believe, will answer: passwords. "Please enter your password", "Please enter it again": whether at the bank counter or on the Internet, such prompts are commonplace to us. Bank passwords, login passwords, mailbox passwords, passwords for various games, a password for every user name ... Passwords are an integral part of life in today's world. Recently, reports that Professor Wang Xiaoyun of Shandong University cracked MD5 and SHA-1 have appeared frequently in the newspapers, making people worry about the security of electronic information. Can passwords really no longer be relied on?
What was cracked
Professor Shing, a cryptography expert at the State Key Laboratory of Information Security, calmly told reporters in the office: "MD5 and SHA-1 are hashing algorithms. From their design principle, collisions are possible. Professor Wang Xiaoyun's method shortens the time needed to find collisions, which is an important result. But what she found is of the 'strong collision-free' kind; only being able to find one of the 'weak collision-free' kind would be a real crack with practical significance."
By the definition used in cryptography, if plaintexts with different contents give the same result under a hashing algorithm (in cryptography the result is called a message digest), this is called a "collision". A hash algorithm is not used to encrypt plaintext so that others cannot read it; rather, message digests are compared to guard against tampering with the original text.
As the only official representative of China at the "Crypto 2004" and "RSA 2005" annual meetings, Professor Hing stressed: "Collisions are divided into 'strong collision-free' and 'weak collision-free'. The strong collision-free kind cannot produce an original text with actual meaning, so it cannot be used to tamper with or forge a meaningful text. There is no real point in using strong collisions to forge something that no one can read." Professor Zhai also let reporters browse the summary of the "RSA 2005" conference. The international cryptography expert Shamir, speaking at the "RSA 2005" annual meeting about the pair of strong collision-free collisions that Professor Wang Xiaoyun found, gave this view: "This is an important thing, but it does not mean that the password is cracked."
No cause for worry in practice
"There is an essential difference between finding a pair of strong collisions and finding meaningful collisions," he said. Professor Zhai thought the explanation was not accurate. "At the 'RSA 2005' annual meeting, experts believed that SHA-1 is absolutely safe to use for another 5-10 years, and plan to consider replacing it after 2010," he said.
We know that a method that cracks a cipher in theory, if it is to be carried out in reality, requires a huge amount of computation on supercomputers, typically taking thousands of years. In practical applications, a crack that takes too long loses its real-world meaning.
Guan Zhenxie, technical advisor to the China Financial Certification Center (CFCA) and former chief engineer of the Science and Technology Department of Construction Bank, who took part in drafting the "Electronic Signature Law", explained: "Online banking authentication currently applies hashing algorithms at multiple stages. In a B-to-B transaction, for example, first a SHA-1 digest is computed over the online bank's form; then the information the customer has filled in is digested; finally, the bank receives the information and signs it again. If you want to tamper with the information, you must crack it 3 times (assuming it can be cracked at all, which it currently cannot), and even if you break it days or months later, the transaction has already been completed. At the same time, the message digest is transmitted within a PKI (public key infrastructure) system. PKI systems today mostly use the RSA algorithm, and the security of this algorithm can be relied on. Therefore, for a real-time system such as a bank, it is absolutely impossible to tamper with information so as to influence the transaction process."
What if all the military supercomputers were pooled to do the cracking? Consider how idle the entire American military would have to be to do that, and what it would want with a business deal. Besides, algorithms as weak as hashing algorithms are not used by government departments at all.
In addition, Guan also said: "Forging a digital certificate is impossible. A digital certificate contains a lot of specific content, and it is meaningful only if it carries a specific set of information, including a serial number. It is impossible to forge the corresponding digest information for specific original content."
We can see that tampering and forgery are impossible if no collision of the weak collision-free kind can be found, or if a way to find one exists but no supercomputer is available to carry it out. Furthermore, when administrators discover that the security of an algorithm may be at risk, switching to a new algorithm is not difficult.
Vendors in the computer security business are dismissive of the so-called password cracking. They believe that any product has a life cycle and that work on improving product technology is always in progress. Although some people say the cryptographic algorithms are unsafe, no real harm has occurred so far. Information security relies on a variety of protective measures, of which hashing algorithms are only one of the weaker ones, so there is no need to worry too much.
As the devil rises one foot, the way rises ten. As technology develops, no technique can stay unchanged forever. Today's world is safe, and you don't have to worry about passwords.
A collision raises a problem. Wang Xiaoyun and others have discovered problems in hashing algorithms, which will help future hash algorithm designers take this aspect into account and give new hashing algorithms better security. For example, when DES began to become unsafe, newer and more powerful encryption techniques emerged. Whatever the outcome, Professor Wang Xiaoyun's results are enough to cheer us, and they have helped promote research in commercial cryptography.
Link One
What are strong collision-free and weak collision-free
A hash function h is called weakly collision-free if, for a given message x ∈ X, it is computationally almost impossible to find x′ ∈ X with x′ ≠ x such that h(x) = h(x′). A hash function h is called strongly collision-free if it is computationally almost impossible to find distinct x, x′ such that h(x) = h(x′). A weak collision yields the same digest for a given message x, that is, for the plaintext you want to forge. That means you can control the contents of the plaintext. A strong collision means that you can find texts with the same digest, but the forged plaintext is not known in advance. Most digitally signed text is human-readable content, so producing a collision that humans cannot read does not have a significant impact on the original. What Professor Wang Xiaoyun found is of the strong collision-free kind.
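The gap between the two definitions can be measured on a toy hash. The following is an added example, not part of the original article; it assumes a constructed 16-bit digest (the first 16 bits of SHA-256) so that both searches finish quickly, and the function names and message formats are made up for illustration.

```python
import hashlib
from itertools import count

BITS = 16  # assumption: toy digest width so both searches finish in seconds


def h(msg: bytes, bits: int = BITS) -> int:
    """Toy hash: the first `bits` bits of SHA-256 (constructed for this demo)."""
    full = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return full >> (256 - bits)


def break_strong(bits: int = BITS):
    """Find ANY two distinct messages with equal digests (birthday search).

    Neither message is fixed in advance; expected work is about 2**(bits/2).
    """
    seen = {}
    for i in count():
        msg = b"free-%d" % i
        digest = h(msg, bits)
        if digest in seen:
            return seen[digest], msg, i + 1
        seen[digest] = msg


def break_weak(target: bytes, bits: int = BITS):
    """Find a different message matching the digest of a GIVEN message.

    The target is fixed, so the birthday shortcut does not apply;
    expected work is about 2**bits.
    """
    want = h(target, bits)
    for i in count():
        msg = b"forged-%d" % i
        if msg != target and h(msg, bits) == want:
            return msg, i + 1


if __name__ == "__main__":
    a, b, n_strong = break_strong()
    print(f"strong: {a!r} / {b!r} collide after {n_strong} hashes")
    target = b"Pay 100 yuan to account 1234"  # constructed sample message
    forged, n_weak = break_weak(target)
    print(f"weak:   {forged!r} matches target after {n_weak} hashes")
```

For an n-bit digest the first search costs on the order of 2^(n/2) hash evaluations and the second on the order of 2^n, and in the first search neither colliding message is chosen by the searcher.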
Link Two
Digital signature and verification process
The two parties to a network communication, after authenticating each other, can send signed data messages. The whole digital signature process is divided into two parts: signing and verification.