PGP keys can be cracked using leased hashing power worth $50,000, according to new research. The attack relies on hash collisions.
Identity thieves now have another tool: hashing power rented out by miners. This is the conclusion reached by the authors of a new SHA-1 cryptanalysis published earlier this month. This once-popular hash function was created by the US National Security Agency and scrapped in the mid-2000s after it failed tests of simulated hacker attacks. After this, SHA-2 became the current standard, also used in Bitcoin.
SHA-1 still finds use in certain circles, for example in the Git program and other obsolete products for the safe transfer of data on computers, the authors of the article claim. The paper was published by Gaetan Leurent of the French National Institute for Digital Science and Technology and Thomas Peyrin of Nanyang University of Technology in Singapore.
Despite notifications in 2006 and 2015 from the National Institute of Standards and Technology (NIST) stating that federal agencies should stop using the outdated hash function, and other studies warning of the shortcomings of SHA-1, scientists still have to warn companies to switch to other hash functions.
“SHA-1 signatures are now virtually insecure,” the document notes.
Leurent and Peyrin rented excess hashing power from Bitcoin miners, which allowed them to carry out an attack that substitutes a participant. Recall that last year, researchers said that the growing liquidity of the market for mining capacity is dangerous for the industry. That warning, however, concerned 51% attacks.
Hash functions, one-way cryptographic scramblers that are part of the basic security of cryptocurrencies, can also be used to verify the identity of users. In PGP, a message, called plain text, is compressed and scrambled using a one-time “session key.” When combined with a public key, users can securely transmit information to anyone else. To decrypt a message, recipients match their private key with the session key.
According to the document, PGP keys can be hacked using rented hashing power at a cost of just $50,000. Hacking can be accomplished using collision attacks, where different inputs result in the same random hash. When this happens, the two parties have access to the same key.
“It's so cheap because calculations on GPUs are currently very cheap,” Peyrin said in a telephone interview. “It will become even cheaper in the coming years. Our attack might cost about $45,000 now, but in, say, five to ten years it will cost less than $10,000.”
Although many users have stopped using SHA-1, Leurent and Peyrin noted that two popular self-testing tools, Pretty Good Privacy (PGP) and GnuPG, are at risk of peer spoofing attacks via hash function collisions in some legacy applications.
“We have no data on how many Yukis (a popular self-test device) actually use old versions,” Peyrin said. “Unfortunately, many people are used to using SHA-1, and one of the reasons is continuity. It would be expensive to stop using the hash function.”
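One way to check a key for the legacy SHA-1 exposure described above, as an added example (not code from the researchers or from GnuPG): it scans text in the layout printed by `gpg --list-packets` and flags identity certifications (signature classes 0x10 to 0x13) made with SHA-1 or MD5. The sample listing and its key IDs are constructed.

```python
import re

# RFC 4880 hash algorithm IDs, as printed by `gpg --list-packets`.
HASH_NAMES = {1: "MD5", 2: "SHA-1", 3: "RIPEMD-160", 8: "SHA-256",
              9: "SHA-384", 10: "SHA-512", 11: "SHA-224"}
WEAK = {1, 2}                     # hashes with practical collision attacks
CERT_CLASSES = range(0x10, 0x14)  # 0x10-0x13 bind a user ID to a key

# Constructed sample in the `gpg --list-packets` layout (key IDs are made up).
SAMPLE = """\
:user ID packet: "Alice Example <alice@example.org>"
:signature packet: algo 1, keyid 1111111111111111
\tversion 4, created 1262304000, md5len 0, sigclass 0x13
\tdigest algo 2, begin of digest 3a 7f
:signature packet: algo 1, keyid 2222222222222222
\tversion 4, created 1577836800, md5len 0, sigclass 0x10
\tdigest algo 8, begin of digest 91 c4
:signature packet: algo 1, keyid 3333333333333333
\tversion 4, created 1325376000, md5len 0, sigclass 0x18
\tdigest algo 2, begin of digest 5e 02
"""

SIG_RE = re.compile(r"^:signature packet: algo \d+, keyid ([0-9A-Fa-f]+)")
CLASS_RE = re.compile(r"sigclass 0x([0-9A-Fa-f]{2})")
DIGEST_RE = re.compile(r"digest algo (\d+)")

def audit_signatures(listing):
    """Return one dict per signature packet, marking weak-hash certifications."""
    sigs, cur = [], None
    for line in listing.splitlines():
        m = SIG_RE.match(line)
        if m:
            cur = {"keyid": m.group(1), "sigclass": None, "digest": None}
            sigs.append(cur)
        elif line.startswith(":"):
            cur = None  # some other packet type starts here
        elif cur is not None:
            if (m := CLASS_RE.search(line)):
                cur["sigclass"] = int(m.group(1), 16)
            if (m := DIGEST_RE.search(line)):
                cur["digest"] = int(m.group(1))
    for s in sigs:
        s["hash"] = HASH_NAMES.get(s["digest"], f"unknown({s['digest']})")
        s["weak_certification"] = s["digest"] in WEAK and s["sigclass"] in CERT_CLASSES
    return sigs

if __name__ == "__main__":
    for s in audit_signatures(SAMPLE):
        note = "weak-hash certification" if s["weak_certification"] else "-"
        print(s["keyid"], hex(s["sigclass"]), s["hash"], note)
```

The third sample signature (class 0x18, a subkey binding) also uses SHA-1 but is reported separately from identity certifications, which are the signatures that vouch for who owns a key.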
The development of hash functions
The same week the vulnerability in SHA-1 was discovered, an alternative solution appeared: BLAKE3. Four cryptanalysts, including Zcash creator Zooko Wilcox, presented BLAKE3 as another alternative to the many hash functions available for commercial use today.
Wilcox told CoinDesk that the use of Merkle trees was an incentive to develop a new standard. Merkle trees, first patented in 1979 by Ralph Merkle and used in cryptocurrencies, effectively store verified data and allow devices to perform the same calculations simultaneously, which is known as “parallelism.”
As noted in the BLAKE3 document, the use of Merkle trees "supports an unlimited degree of parallelism." In other words, this is a very fast hash function.
BLAKE3 hash function speed
Mainly intended for testing video streams, the hash function is based on the BLAKE family of functions, such as BLAKE1 and BLAKE2. SHA-1 also has its own family: SHA-2 and SHA-3. However, unlike BLAKE, the SHA family was created due to the need to fix SHA-1 after several hash functions were broken at once in 2004. In fact, Bitcoin's hash function is SHA2-256, a member of the same family.
After the 2004 hack, experts expected that SHA-2, created three years earlier, would suffer the same fate as SHA-1. However, years later, SHA-2 is still heavily used, while SHA-1 continues to fade. The cost of launching an attack on applications using SHA-1 continues to decline, according to studies by Leurent and Peyrin.
Hash function life expectancy by programmer Valerie Aurora
So what about BLAKE3 and other hash functions like SHA-256? Are all functions destined to go the way of SHA-1? Not really, according to BLAKE3 lead writer Jack O'Connor.
“We learned a lot in the 90s and are not repeating the mistakes that were made with SHA-1,” said O'Connor.
It is unfair to extrapolate the death of SHA-1 to other functions, as it depends on how future technologies counteract the emergence of safer and more powerful hash functions, such as BLAKE3.
“Some believe that all secure hash functions eventually become outdated; they have a limited lifespan. However, in the early 2000s, cryptographers learned how to create secure hash functions; they had all failed before. After that, not one of them suffered such a fate,” Wilcox said.