Google and others recently announced a collision in SHA-1, the industry-standard cryptographic hash function. A hash collision, in short, is when two different inputs (say, two separate files) produce the same SHA-1 digest.

A secure hash function must, for all practical purposes, produce a unique digest for each distinct input: finding two different inputs that share a digest should be computationally infeasible. The result of this discovery is that we can no longer trust a SHA-1 digest to uniquely represent an input's content.

The SHA-1 hash function has been deprecated by NIST for more than 5 years now, yet it remains in widespread use. Since SHA-1 is no longer recommended, we highly recommend switching over to alternatives such as SHA-256, SHA-512, or SHA-3.
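To make the two points above concrete (what a collision is, and why a stronger digest distinguishes inputs that SHA-1 cannot), here is an added example in Python. It is not code from the original post, from Komand, or from the SHAttered plugin. The function names (`collision_report`, `find_truncated_collision`) and the constructed inputs are assumptions for illustration. Because a real SHA-1 collision cannot be reproduced here, the example collides a deliberately truncated 16-bit digest to show the same property on a toy scale, and then shows that the full SHA-1, SHA-256, SHA-512 and SHA3-256 digests of those two inputs all still differ.

```python
import hashlib
from itertools import count
from typing import Dict, Tuple

# Algorithms a collision checker might compare side by side. SHA-1 is kept
# only so that a SHA-1-only match stands out next to the recommended ones.
ALGORITHMS = ("sha1", "sha256", "sha512", "sha3_256")


def digests(data: bytes) -> Dict[str, str]:
    """Digest one input under every algorithm in ALGORITHMS."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def collision_report(a: bytes, b: bytes) -> Dict[str, bool]:
    """For two *distinct* inputs, report per algorithm whether they collide.

    A True entry is exactly what a collision checker should alert on:
    different content, identical digest. Identical inputs are rejected
    because they trivially share every digest and are not a collision.
    """
    if a == b:
        raise ValueError("inputs are identical; not a collision")
    da, db = digests(a), digests(b)
    return {name: da[name] == db[name] for name in ALGORITHMS}


def truncated_sha1(data: bytes, nbytes: int) -> bytes:
    """Toy digest: the first `nbytes` bytes of SHA-1 (assumption for this demo)."""
    return hashlib.sha1(data).digest()[:nbytes]


def find_truncated_collision(nbytes: int = 2,
                             prefix: bytes = b"constructed-msg-") -> Tuple[bytes, bytes]:
    """Find two distinct inputs whose truncated digests match.

    With an n-bit digest, on the order of 2**(n/2) candidates are enough for
    a match to appear (the birthday bound). For the 16-bit toy digest that
    is a few hundred tries; for the full 160-bit SHA-1 it is ~2**80 in
    theory, and the SHAttered work still needed enormous computation.
    """
    seen: Dict[bytes, bytes] = {}
    for i in count():
        candidate = prefix + str(i).encode()
        tag = truncated_sha1(candidate, nbytes)
        if tag in seen:
            return seen[tag], candidate
        seen[tag] = candidate
    raise AssertionError("unreachable: count() never ends")


if __name__ == "__main__":
    a, b = find_truncated_collision()
    print("toy 16-bit collision:", a, b, truncated_sha1(a, 2).hex())
    # Full-length digests still tell the two inputs apart.
    for name, collides in collision_report(a, b).items():
        print(f"{name:>8}: {'COLLISION' if collides else 'distinct'}")
```

The `collision_report` shape is the check a file-pair checker performs: hash both inputs under every algorithm you care about and raise an alert only when distinct content yields an identical digest. Running the script shows the toy truncated digest colliding while every full-length algorithm reports the inputs as distinct.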

In the meantime, if you're a Komand customer, we have you covered with our release of the SHAttered integration. This new plugin uses shattered.io's collision-checking service and lets you check files for collisions through security orchestration and automation. The SHAttered website also provides practical information on the SHA-1 collision attack for security professionals and the general public.

Here are the details on the new plugin:

SHAttered

Check for a SHA-1 hash collision

Along with this new integration, we've also created an automated workflow in Komand that checks for SHA-1 collisions and notifies the security team when one is found.

We will continue to monitor this development and share any new techniques we learn for managing or mitigating SHA-1 collisions with orchestration and automation.