[Busec] SHA-1 shattered!

Mayank Varia varia at bu.edu
Thu Feb 23 11:01:48 EST 2017

Very cool! Thanks for sharing, Aanchal.

Question: can we leverage the break to convince the powers-that-be at BU
IS&T to upgrade their servers to negotiate better ciphers? My connection to
https://www.bu.edu uses okay-ish* public key crypto, but it then uses HMAC
over SHA-1 for symmetric authentication.**

Good thing it is not used for anything like BUWorks (which contains my PII
and allows someone to choose where my salary is direct-deposited) or
FacultyLink (where I enter the students' final grades at the end of the

Screenshot attached from Google Chrome.


* I'm trying to be generous here. Google is less generous.

** I know that HMAC doesn't require SHA-1 to be collision resistant (
http://cseweb.ucsd.edu/~mihir/papers/hmac-new.html). Still, their cipher
negotiation is massively outdated in general. What's that saying: never let
a crisis go to waste.

*** The web login page negotiates AES256-GCM, but then the actual grading
page itself negotiates the same ciphers as the main page.


On Thu, Feb 23, 2017 at 10:04 AM Aanchal Malhotra <aanchal4 at bu.edu> wrote:

> http://shattered.io/
> SHA-1 collision now a reality. Colliding PDFs, infographics, etc.
> Good thing it is not used for anything like git or PGP.