Light Dark
February 27, 2017 By Mark Samuels 2 min read

Google’s announcement of the first-ever collision attack means the Secure Hash Algorithm 1 (SHA-1) is officially dead, according to a report from Bleeping Computer.

SHA-1 is a cryptographic function that generates hashes for digital data. These hashes should be unique and help prove the identity of a file. However, the successful collision attack undermines that uniqueness, and the algorithm can thus no longer be considered secure.

The demise of SHA-1, which was designed by the United States National Security Agency several decades ago, creates significant implications for businesses that rely on the algorithm for the delivery of files across the web. Technology companies should work to move from SHA-1 as soon as possible.

How Did Google Run the Attack?

This successful attack marks the conclusion of two years’ research between Google and the CWI Institute in Amsterdam. In a blog post, Google noted how CWI researcher Marc Stevens published an initial theoretical paper on SHA-1 collision in 2013.

The blog post explains researchers had to overcome some considerable challenges to build a theoretical collision attack in practice. As many as 6,500 years of CPU computation were required to complete the first phase of attack, and 110 years of GPU computation for the second phase. During these phases, researchers ran more than 9 quintillion different SHA-1 computations in total.

As proof of the attack, Google released two PDFs with identical SHA-1 hashes but different content.

What Is a Collision Attack and Why Does It Matter?

A collision occurs when two distinct pieces of data, such as a document or website certificate, produce a hash with the same number value. Collisions should, in theory, never occur for secure hash functions.

However, experts have long believed a well-funded attacker could craft a collision in a flawed algorithm, such as SHA-1. Google’s research proved this flaw and demonstrates how an attacker could use a collision attack to replace one file with another.

An errant individual or third party, for example, could use two colliding contracts to trick another party into digitally signing a higher-value contract. The seller could later claim the purchaser signed a contract with drastically different terms and a much higher price.

What Should Businesses and IT Managers Do Now?

The demise of the algorithm comes at a time when many organizations still rely on SHA-1. Estimates suggest thousands of software packages could use SHA-1 to ensure the safe installation and update of files distributed over the web.

Google says its research highlights how the IT industry must break its reliance on SHA-1. The source code for performing the collision attack on SHA-1 will be published in 90 days.

Stevens told Ars Technica that any individual or business still using SHA-1 should look to move to a safer standard before real-world attacks take place. He suggested that continued growth in computational power means it will become cheaper and easier to run such attacks.

Security Intelligence reported late last year how major technology firms such as Microsoft and Mozilla would stop accepting outdated certificates. In its blog post announcing the collision attack, Google suggests businesses should urgently move from SHA-1 to safer alternatives such as SHA-256.

 |  |  |  | 
Mark Samuels
Tech Journalist

More from

March 26, 2025

We are moving!

< 1 min read - SecurityIntelligence.com is being sunset, but have no fear!We have a new home for all of your favorite security and X-Force content.Follow us to www.ibm.com/think to maintain access to the stories and news you love, both new and old.Security Intelligence will officially sunset on Friday, March 28, 2025. To access the latest security thought leadership, go here. To access the latest X-Force research, go here.If you are experiencing cybersecurity issues or an incident, contact X-Force® to help:US hotline: 1-888-241-9812 | Global hotline:…

March 18, 2025

Bypassing Windows Defender Application Control with Loki C2

10 min read - Windows Defender Application Control (WDAC) is a security solution that restricts execution to trusted software. Since it is classified as a security boundary, Microsoft offers bug bounty payouts for qualifying bypasses, making it an active and competitive field of research.Typical outcomes of a WDAC bypass bug bounty submission:Bypass is fixed; possible bounty awardedBypass is not fixed but instead "mitigated" by being added to the WDAC recommended block list. Likely no bounty awarded but honorable mention is typically givenBypass is not…

March 4, 2025

FYSA — VMware Critical Vulnerabilities Patched

< 1 min read - SummaryBroadcom has released a security bulletin, VMSA-2025-0004, addressing and remediating three vulnerabilities that, if exploited, could lead to system compromise. Products affected include vCenter Server, vRealize Operations Manager, and vCloud Director.Threat TopographyThreat Type: Critical VulnerabilitiesIndustry: VirtualizationGeolocation: GlobalOverviewX-Force Incident Command is monitoring activity surrounding Broadcom’s Security Bulletin (VMSA-2025-0004) for three potentially critical vulnerabilities in VMware products. These vulnerabilities, identified as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, have reportedly been exploited in attacks. X-Force has not been able to validate those claims. The vulnerabilities…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature