Every year the chance that someone secretly has a full attack on SHA-1 increases. It could be that a full collision attack isn't far off. This is not quite the same thing as finding a collision for an existing block of data though, and mainly for this reason the attack could only be practically used against the hashes of the pieces for now, and even then it wouldn't be possible to take over a third-party torrent; you'd have to produce your own. For example, early this year, an attack was published that allows a large organisation like a state actor or corporation, or a wealthy individual, to produce two different blocks of data with the same SHA-1 hash. Torrents rely heavily on the SHA-1 hash function: torrents are split into equally sized pieces and each piece's SHA-1 hash is kept in the info section of the torrent, which itself is identified and hence protected by its SHA-1 hash.

Having SHA-256 or greater hashes would be great, but the odds of such an attack ever succeeding are astronomically low. You're much more likely to be at risk of someone putting up a "trap" torrent online that's designed to contain a virus or malicious content, but that would have been created by attackers and seeded by them as well (plus anyone who fell for the trap). I'd argue the amount of time it'd take to author such a file would render it almost impossible, even if you used a weaker hashing method such as MD5, out of the sheer difficulty of making so many conflicting and overlapping hashes. Imagine the difficulty of even computing a fake file that has the same SHA-1 hash - and the hashes of your fake file's chunks would need to match the hashes of the original file's chunks.

Scenario 2: A malicious user attempts to send you a fake file: Assuming that our attacker(s) knows what they're doing, it would still be very unlikely. It's almost impossibly unlikely that a chunk would just happen to have the same hash after being corrupted.

Scenario 1: A mistake occurs: If another user sends you a bad piece or chunk (perhaps a one-in-a-million error occurs and the data is corrupted in transit), the hashes will not match and the chunk will be rejected.

SHA-1 is an older method for file hashing and isn't recommended for new use, but it's arguably fine as it is now.

Adding onto Encombe's answer as to the likelihood of a fake "forgery" happening: It's overwhelmingly unlikely that such a situation could or would occur, though it is possible.
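
The hash chain described above (per-piece SHA-1 digests stored in the info section, which is itself identified by a SHA-1 hash) can be sketched as follows. This is an added example, not code from the original post or from any BitTorrent client; the minimal `bencode` helper, the function names, the 16-byte piece length and the sample data are all assumptions made for the demo.

```python
import hashlib

PIECE_LEN = 16  # assumed tiny piece length for the demo; real torrents use far larger pieces

def bencode(obj):
    """Minimal bencoder covering the int/bytes/str/list/dict types used here."""
    if isinstance(obj, int):
        return b"i%de" % obj
    if isinstance(obj, str):
        obj = obj.encode()
    if isinstance(obj, bytes):
        return b"%d:%s" % (len(obj), obj)
    if isinstance(obj, list):
        return b"l" + b"".join(bencode(x) for x in obj) + b"e"
    if isinstance(obj, dict):
        items = sorted(((k.encode(), v) for k, v in obj.items()), key=lambda kv: kv[0])
        return b"d" + b"".join(bencode(k) + bencode(v) for k, v in items) + b"e"
    raise TypeError(type(obj))

def make_info(name, data):
    """Build the info section: one 20-byte SHA-1 digest per fixed-size piece."""
    pieces = b"".join(hashlib.sha1(data[i:i + PIECE_LEN]).digest()
                      for i in range(0, len(data), PIECE_LEN))
    return {"name": name, "length": len(data),
            "piece length": PIECE_LEN, "pieces": pieces}

def infohash(info):
    """The torrent's identifier: SHA-1 over the bencoded info section."""
    return hashlib.sha1(bencode(info)).hexdigest()

def verify_piece(info, index, payload):
    """Accept a piece from a peer only if its SHA-1 matches the stored digest."""
    expected = info["pieces"][index * 20:(index + 1) * 20]
    return len(expected) == 20 and hashlib.sha1(payload).digest() == expected

# Constructed sample content, not taken from any real torrent.
DATA = b"constructed sample payload for the piece-hash demo"
INFO = make_info("sample.bin", DATA)

def demo():
    good = DATA[16:32]                              # piece 1 as published
    flipped = bytes([good[0] ^ 0x01]) + good[1:]    # one bit corrupted in transit
    # Swapping in a digest for the altered piece changes the info section,
    # so the result is a different torrent with a different infohash.
    swapped = INFO["pieces"][:20] + hashlib.sha1(flipped).digest() + INFO["pieces"][40:]
    tampered = dict(INFO, pieces=swapped)
    return (verify_piece(INFO, 1, good), verify_piece(INFO, 1, flipped),
            infohash(INFO) == infohash(tampered))

if __name__ == "__main__":
    print(demo())
```

The corrupted piece fails verification against the published torrent, and a torrent whose piece list was edited to accept it no longer has the same infohash, which is why the text says an attacker would have to produce their own torrent.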