I was catching up on all my unread email when I saw an email telling Bugtraq on how the SHA-1 encryption algorithim has been broken by a research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China). These guys have published a semi-private paper describing how they broke the crypto.
Now that even this algorithim is broken, we have to move to a new hash function that is harder to break. The National Institute of Standards and Technology (NIST) already has standards for harder-to-break hash functions: SHA-224, SHA-256, SHA-384 and SHA-512. They’re already part of government standards and can be used. Though I don’t know how fast people with switch to the new hashes.
A pretty good introduction to secure hashes is available here to help put all this in context.
Original Story: SHA-1 Broken, Schneier.com
– Suramya