Institute National The US Institute of Standards and Technology (NIST), a government agency within the US Department of Commerce, announced on Thursday that it will officially retire the SHA-1 cryptographic algorithm, and the body also advised companies to phase out the algorithm by 2030. remove access SHA-1 stands for Secure Hash Algorithm 1, and it’s been nearly 27 years since its initial release.
This hash algorithm is used in cryptography and is considered vulnerable in collision attacks. In this regard, while the hash algorithms must be irreversible, which means that after the process of hashing the password to another state, it must be impossible to restore it to its original state, usually based on text, and the lack of resistance of the SHA-1 algorithm. It can be used to produce the same hash value for two inputs.
In February 2017, a group of researchers from Amsterdam and Google discovered the first practical technique to create a SHA-1 hashed value decryption process, effectively challenging the algorithm’s security. Widespread attacks on the SHA-1 algorithm and security problems led the American Institute of Standards and Technology (NIST) in 2015 to mandate US federal agencies to stop using the algorithm to generate digital signatures.
According to NIST’s Cryptographic Algorithm Validation Program, as of January 2018, there are approximately 2,272 software libraries that still support SHA-1. In addition to encouraging organizations and companies to use SHA-2 and SHA-3, the Standard Institute has recommended that the SHA-1 algorithm be completely retired by 2030.
- Add Passkey security feature in the stable version of Google Chrome
- Google has accused the Barcelona-based company of selling online spying tools
- Google’s unveiling of OSV-Scanner to accurately identify software vulnerabilities
