Google breaks security of crypto algorithm sha1

SHA1 is a Hash security algorithm that was created back in 1995 and serves to guarantee the integrity of the data that is sent over the Internet. This Hash cryptographic algorithm has been with us for many years, but from the year 95 to date, the technological and communications world has changed a lot.

SHA1 algorithm is broken after 22 years

For some time it has been commented that the SHA1 algorithm could be broken and that it is no longer safe. During 2015 it was beginning to be said seriously that in theory SHA1 was broken and that the best thing to do was migrate to SHA2.

It is not until now that Google officially announces that SHA1's security has been breached, after 22 years. Google has been able to break the SHA1 security system in its laboratories, demonstrating its ineffectiveness and zero security.

How does the Hash and SHA1 algorithm work?

When we calculate the Hash sum of a file we get a series of hexadecimal characters that should be unique and unrepeatable. Thanks to this we can know if a file that originally had an "abc" hash, after sending it over the Internet, the recipient gets the same sum "abc" and not a different sum that could indicate that the file was modified somewhere in between.

What Google has done is manipulate two files so that they have the same Hash, something that should never happen.

Doing this was not easy at all, it took 9, 223, 372, 036, 854, 775, 808 cycles. Using brute force, it would take more than 12 million graphics cards to break the security of SHA1 but with the new Google technique "only" it took 110 cards working for a year to reach the result.

Fortunately, there are new versions of this cryptographic algorithm, such as SHA2 and SHA3, which are very secure today and are used by most servers.