Is it actually safe to use sha1 for AWS S3 signing?
The Signature element is the RFC 2104 HMAC-SHA1 of selected elements
from the request.
But Wikipedia says sha1 is no longer secure:
As of 2020, chosen-prefix attacks against SHA-1 are now practical[8]
as such, it is recommended to remove SHA-1 from products as soon as
possible and use instead SHA-256 or SHA-3. Replacing SHA-1 is urgent
where it is used for signatures.
https://en.wikipedia.org/wiki/SHA-1
There is also a benchmark of someone brute-forcing sha1 at 68771.0 MH/s!
https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40
SHA-1 and HMAC-SHA1 are not the same thing; in some use cases, HMAC-SHA1 is still considered secure. Take a look at this question: https://crypto.stackexchange.com/questions/26510/why-is-hmac-sha1-still-considered-secure
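The distinction the answer draws, as an added example that is not part of the original question or answer: the RFC 2104 construction written out by hand next to the standard-library HMAC, used to sign and verify a request the way the quoted documentation describes. The string-to-sign field order is that of the legacy S3 REST authentication scheme; the secret, date, bucket path and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac

BLOCK = 64  # SHA-1 input block size in bytes

def hmac_sha1_manual(key: bytes, msg: bytes) -> bytes:
    """RFC 2104 by hand: SHA1((K ^ opad) || SHA1((K ^ ipad) || msg))."""
    if len(key) > BLOCK:               # long keys are hashed first
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK, b"\x00")    # then zero-padded to one block
    inner = hashlib.sha1(bytes(b ^ 0x36 for b in key) + msg).digest()
    return hashlib.sha1(bytes(b ^ 0x5C for b in key) + inner).digest()

def b64_sig(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")

def string_to_sign(verb: str, date: str, resource: str,
                   content_md5: str = "", content_type: str = "",
                   amz_headers: str = "") -> bytes:
    # Field order of the legacy S3 REST (Signature Version 2) scheme.
    return (f"{verb}\n{content_md5}\n{content_type}\n{date}\n"
            f"{amz_headers}{resource}").encode("utf-8")

def sign(secret: bytes, sts: bytes) -> str:
    return b64_sig(hmac.new(secret, sts, hashlib.sha1).digest())

def verify(secret: bytes, sts: bytes, signature: str) -> bool:
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(sign(secret, sts).encode(), signature.encode())

def unkeyed_sha1_sig(sts: bytes) -> str:
    # What anyone can compute without the secret: a bare SHA-1 digest.
    return b64_sig(hashlib.sha1(sts).digest())

# Constructed sample values (not real credentials or a real bucket).
SECRET = b"constructed-example-secret-key"
DATE = "Tue, 27 Mar 2007 19:36:42 +0000"
STS = string_to_sign("GET", DATE, "/example-bucket/photos/puppy.jpg")
TAMPERED = string_to_sign("DELETE", DATE, "/example-bucket/photos/puppy.jpg")
SIG = sign(SECRET, STS)

if __name__ == "__main__":
    print("signature:", SIG)
    print("valid:", verify(SECRET, STS, SIG))
    print("tampered:", verify(SECRET, TAMPERED, SIG))
```

Both SHA-1 calls in the manual version are keyed with a secret-derived block, so the unkeyed digest that a hash benchmark measures is a different value from the signature the server checks.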