Stop using SHA1: It’s now completely unsafe

Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm’s use for security-sensitive functions should be discontinued as soon as possible.

SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made.

To read this article in full or to leave a comment, please click here


Uranium Seawater Extraction Makes Nuclear Power Completely Renewable

New technological breakthroughs from DOE’s PNNL and ORNL national laboratories have made removing uranium from seawater within economic reach. And nuclear fuel made with uranium extracted from seawater makes nuclear power as renewable as solar, hydro and wind. Just the 4 billion tons of uranium presently in seawater would fuel a thousand 1,000-MW nuclear power plants for a 100,000 years. But uranium extracted from seawater is replenished continuously because U concentrations are controlled by steady-state chemical reactions between waters and rocks on the Earth, both in the ocean and on land. It’s impossible for humans to extract enough U to lower the overall seawater concentrations of U over the next 5 billion years, even if nuclear provided 100% of our energy. Of course, humans won’t last anywhere near that long!

All articles