Lucene search
K

7 matches found

The Coalfire Blog
The Coalfire Blog
added 2021/03/03 5:30 p.m.15 views

Properties of secure hash functions

The news of NIST and their SHA-3 algorithm competition and a recent lunch and learn at Denim Group reminded me of the Cryptographic lectures I gave at UTSA. One of the hardest concepts my students had grasping was secure cryptographic hash functions, partially because of the number theory, but al...

0.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/01/09 7:4 p.m.114 views

Exploit Fully Breaks SHA-1, Lowers the Attack Bar

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 SHA-1 code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering. The exploit was developed by...

7.1AI score
Exploits0References7
Vulnrichment
Vulnrichment
added 2016/10/14 4:0 p.m.4 views

CVE-2005-4900

SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists to provide a common identifier for referencing this SHA-1 issue; the existence of an identifier is...

6.5AI score0.00938EPSS
Exploits0References11
CVE
CVE
added 2009/01/05 8:0 p.m.338 views

CVE-2004-2761

CVE-2004-2761 describes that the MD5 Message-Digest Algorithm is not collision resistant, enabling context-dependent spoofing attacks, notably in X.509 certificate signatures. Several connected sources corroborate this weakness and its use in real-world contexts (e.g., Red Hat SCEP / PKI componen...

9.8CVSS7.1AI score0.09854EPSS
Exploits0References26Affected Software1
Vulnrichment
Vulnrichment
added 2009/01/05 8:0 p.m.4 views

CVE-2004-2761

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate...

6.6AI score0.09854EPSS
Exploits0References26
securityvulns
securityvulns
added 2005/02/17 12:0 a.m.30 views

SHA family hash functions cryptographic weakness

Cryptographic weakness found making real strength against coliisions: collisions in the the full SHA-1 in 269 hash operations, much less than the brute-force attack of 280 operations based on the hash length. Collisions in SHA-0 in 239 operations. Collisions in 58-round SHA-1 in 233 operations...

1.5AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2005/02/15 12:0 a.m.7 views

PT-2005-1108

Name of the Vulnerable Software and Affected Versions SHA-1 affected versions not specified Description The issue is related to the SHA-1 algorithm not being collision resistant, making it easier for attackers to conduct spoofing attacks. This has been demonstrated by attacks on the use of SHA-1 ...

6.3CVSS6.5AI score0.00938EPSS
Exploits0References77
Rows per page
Query Builder