• To ensure you get the most out of your CIN membership and stay connected with the latest updates, we are asking all members to update their community profiles. Please take a few moments to log in and: • Complete all sections of your profile • Review your current information for accuracy • Enter an alternative email address if desired (CIN requires your valid business email address for your training organization). Keeping your profile up to date helps us better serve you, ensures your account is correctly linked with CompTIA’s CRM, streamlines processes, enhances communication, and guarantees you never miss out on valuable CIN opportunities. Thank you for taking this important step! step!

Analyzing Malicious Activity through Collision Attacks on SHA-1

Jump to latest Follow Reply
precious

precious

Well-known member
Apr 22, 2024
999
747
19,876
Lilongwe
#1
As part of Objective 2.4 (analyzing indicators of malicious activity), collision attacks on broken cryptographic algorithms, like SHA-1, are critical examples of tampering threats.

Key Takeaways:​

  • Collision Attack: When two distinct inputs generate the same hash, indicating possible tampering or forgery.
  • Broken SHA-1: SHA-1 is deprecated due to collision vulnerability, making it possible for attackers to create identical hashes for malicious files.

Practical Demo:​

  1. Demonstration: Use the website, which showcases a real-world collision attack on SHA-1. It provides two PDF files that generate the same SHA-1 hash, but contain different content.
  2. Verification: Have students download the example files from and use Python on https://github.com/OffensiveSoldier/Collision-attack/tree/main to hash them, demonstrating the collision.
  3. Discussion: Analyze how collision attacks can be used in malicious activities, such as bypassing digital signatures or integrity checks.
 
  • Like
Reactions: Hank Cox, Emmanuel Phakula Mandala and Brian Ford
#2
precious said:
As part of Objective 2.4 (analyzing indicators of malicious activity), collision attacks on broken cryptographic algorithms, like SHA-1, are critical examples of tampering threats.

Key Takeaways:​

  • Collision Attack: When two distinct inputs generate the same hash, indicating possible tampering or forgery.
  • Broken SHA-1: SHA-1 is deprecated due to collision vulnerability, making it possible for attackers to create identical hashes for malicious files.

Practical Demo:​

  1. Demonstration: Use the website, which showcases a real-world collision attack on SHA-1. It provides two PDF files that generate the same SHA-1 hash, but contain different content.
  2. Verification: Have students download the example files from and use Python on https://github.com/OffensiveSoldier/Collision-attack/tree/main to hash them, demonstrating the collision.
  3. Discussion: Analyze how collision attacks can be used in malicious activities, such as bypassing digital signatures or integrity checks.
Click to expand...
@precious Thanks for the insight this is very important information
 
  • Like
Reactions: MBA and precious
You must log in or register to reply here.
Top Bottom
Back
Jump to latest Follow Reply
Jump to latest Follow Reply
Home
Media
Resources
Menu