Hacker News new | ask | show | jobs
by ahnick 1191 days ago
> Absolutely. And this is one of the methods that is used to do just that. I'm not talking about a theoretical security issue here, this is a weakness that has been leveraged in the real world for a long time.

Oh really? Care to share some examples of SHA-256 and SHA-3 collisions?
1 comments
JohnFen 1191 days ago
Not sure what would count as examples here, honestly. The ones I know of were what I encountered when I was working in cryptographic security, and I don't think any of those incidents were made publicly available.

That said, there are readily available tools that use things like rainbow tables to "crack" SHA-256 salted password hashes. By "crack", I mean to come up with a password that hashes to the same value.

These tools are in successful use every day.

link
ahnick 1191 days ago
Yeah, I didn't think so. :) I know of no single incident of SHA-256 or SHA-3 having collisions successfully generated.

Cracking SHA-256 with rainbow tables is a fundamentally different exercise as you are relying on someone having selected a weak password that you can then generate a hash for. The weakness is not in SHA-256, but in the weak user selected password.

link
JohnFen 1191 days ago
> I know of no single incident of SHA-256 or SHA-3 having collisions successfully generated.

That's fine, I don't expect you to believe me without evidence. But I have seen this happen more than once in my work.

> you are relying on someone having selected a weak password

Stated another way, you are relying on having some idea of what the original data looked like, so you can reduce the search space. Absolutely correct.

However, if you're hashing public records like real estate, where you literally have the clear text, that's a much simpler problem than cracking passwords. All you need to do is alter the document in the way that you want, then find what other changes are needed to create a collision with the original hash. This is not very computationally intensive compared to password cracking.

Add in that the amount of money on the line with real estate can be high enough that it would make it worth throwing serious resources at it -- more than the average password cracker could even begin to summon -- and my confidence in the security of the hashes is greatly reduced.

Here's an interesting general overview of the problem: https://medium.com/asecuritysite-when-bob-met-alice/can-i-cr...

link