這是一篇寫在Antara apartment一樓泳池邊上的隨筆。

今天起來(lái)收到一條推送消息，說(shuō)SHA-1被破解了，google搞的事，如果你不是IT從業(yè)者，那么以下內(nèi)容你可以直接無(wú)視，因?yàn)槟憧床欢?/p>

我是一個(gè)程序員，但是我一開(kāi)始并不知道這條消息的重要性，因?yàn)槲也恢繱HA-1是個(gè)什么鬼。

好了，現(xiàn)在跟隨我的步伐走一遍：SHA-1從入門到放棄（PS：我都是google出來(lái)的，我只是搬運(yùn)工）。

what the hell is SHA-1? here is the digest from wikipeia:

In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function designed by the United States National Security Agency and is a U.S. Federal Information Processing Standard published by the United States NIST.[3] SHA-1 produces a 160-bit (20-byte) hash value known as a message digest. A SHA-1 hash value is typically rendered as a hexadecimal number, 40 digits long.

SHA-1 is no longer considered secure against well-funded opponents. In 2005, cryptanalysts found attacks on SHA-1 suggesting that the algorithm might not be secure enough for ongoing use,[4] and since 2010 many organizations have recommended its replacement by SHA-2 or SHA-3.[5][6][7] Microsoft,[8] Google,[9] Apple[10] and Mozilla[11][12][13] have all announced that their respective browsers will stop accepting SHA-1 SSL certificates by 2017.

On February 23, 2017 CWI Amsterdam and Google announced a practical collision attack against SHA-1,[14][15] publishing two dissimilar PDF files which produce the same SHA-1 hash as proof of concept.[16]

我嘗試著用我這蹩腳的英語(yǔ)翻譯個(gè)大概給大家聽(tīng)：

SHA-1是高逼格密碼界的一種加密算法，由老美國(guó)家安全機(jī)構(gòu)設(shè)計(jì)并發(fā)行，SHA-1算法，就是將任何信息：圖片、聲音、文字、文件換算成40長(zhǎng)度的16進(jìn)制數(shù)字-下文稱之為摘要。算法剛出來(lái)的時(shí)候，傲嬌的宣稱世界上不可能存在兩個(gè)信息的摘要是一樣的。

但是google今天打了老美的臉，發(fā)布了兩個(gè)不一樣的pdf文件，摘要是一樣的。這兩張pdf就是一張宣紙，宣告SHA-1不再是一種安全的加密算法。SHA-1已死。

其實(shí)在2005年的時(shí)候就理論上發(fā)現(xiàn)了SHA-1不安全，知道今天，google終于著找到了確切的證據(jù)。

好了，就一句話，以后不要用SHA-1就對(duì)了。