Thumbs down for fake thumbprints
Cryptographic experts demonstrate the breaking of a security algorithm used to secure banking and access control.
Assoc Prof Thomas Peyrin is part of a team that discovered a critical flaw in the SHA-1 security algorithm. Credit: NTU.
At the core of security applications in telecommunications, banking and access control is the Secure Hash Algorithm 1 (SHA-1) hash function, which is used to digitally authenticate processes in devices such as mobile phones, personal computers and smart cards.
In a recent study, cryptographic experts Assoc Prof Thomas Peyrin of NTU’s School of Physical and Mathematical Sciences and Dr Gaëtan Leurent of the French National Institute for Research in Digital Science and Technology demonstrated a critical security flaw in SHA-1, which enables attackers to forge and authenticate digital documents with a seemingly correct fingerprint.
Using advanced mathematical algorithms and a cluster of 900 graphics processing units, the researchers devised a “chosen-prefix collision attack” targeted at a type of file called a PGP/GnuPG certificate (a digital proof of identity that relies on SHA-1), successfully breaking the SHA-1 security algorithm.
“Our demonstration shows that meaningful data, like names or identities in a digital certificate secured by the SHA-1 hash function, can be counterfeited,” says Assoc Prof Peyrin.
“We hope that our study will encourage the industry to quickly move away from the use of weak cryptographic functions such as SHA-1 to more secure functions like SHA-2.”
Major browser vendors have recently banned usage of SHA-1, and since publication of the findings, many famous security protocols are forgoing SHA-1 for SHA-2.
The study “SHA-1 is a shambles: First chosen-prefix collision on SHA-1 and application to the PGP Web of Trust” was presented at the global security conference USENIX Security 2020 and published in the Cryptology ePrint Archive (2020), eprint.iacr.org/2020/014.