According to this article, and many others, SHA-1 is not secure.
In my case, I am not concerned about passwords or digital certificates. I am concerned about file integrity.
Is it reasonably possible for a file (e.g. an ISO image or executable file) to be maliciously altered in a way that:
- Maintains the original file's SHA-1 hash, and
- Maintains the file's overall content and operation (but of course now includes malicious content that was not originally there)
The way I see it, altering a file in a way that yields a SHA-1 collision would render the file totally useless. The ISO would be totally corrupt, or the executable file would be so utterly scrambled it wouldn't even be an executable file anymore.
But, the way I see it could well be wrong. So far I have found nothing on Google searches in regards to SHA-1's continued suitability for file verification. Any insights?
Best Answer
Nobody has yet accomplished this for SHA-1. It is possible in theory, but still not practical. The reports about insecurity in SHA-1 just mean that the security level is not as high as we would like it to be and that means we don't have as many years before we have to worry about this as we thought we did.
It is harder to produce a file with the same SHA-1 hash as a given file than it is to craft two files yourself with the same SHA-1 hash. And as far as we know, nobody anywhere in the world has yet accomplished even this easier task. That doesn't mean it can't happen tomorrow though.