SHA1CRK – Request for Comments and Participation

Hi all,

I found it a pity when the SHA-1 Collision Search Graz shut down.
Since then, I've been thinking about starting my own distributed
computing project to continue the search for a SHA-1 collision “the
hard way”, i.e. using brute force. In order to be able to start
something without having to set up a central server and all the other
infrastructure, I worked out an architecture using Twitter as a
communication channel between the clients. I dubbed the architecture
Distributed Computing 2.0, and held a little presentation about it at
the NDC 2010 conference earlier this year.

But I need help. Actually, I need help on three things: the
architecture itself, the approach to find a SHA-1 collision, and help
to implement a client (or clients) to do the work. Here are some more
details on each of these points:

The architecture: Since the client hasn't been implemented completely
yet, there is still some unknown territory in the protocol. Any help
on this would be appreciated. Thoughts on the whole “Distributed
Computing 2.0” would be welcome too.

The approach to find a SHA-1 collision: There are better ways to find
a SHA-1 collision than brute force, but I don't know whether they're
distributable and how well they fit with the architecture I proposed.
It would be great to get some comments on that, and maybe we could
higher the chances for a SHA1CRK project to succeed.

Implementation: If you're a good Ruby, Java, C#, C++ or C-programmer
(or any other language) and looking for a hobby project to work on,
maybe SHA1CRK is something for you? So far I've implemented a
prototype, but since it's implemented in Ruby, it may not be the
fastest solution. It's also working off-line for the moment thanks to
Twitter's switch to OAuth. People interested in the code can get a
copy, and can contact me off-line.

For those of you who think it would be infeasible to find a SHA-1
collision in this manner: you're probably right. If that really
matters, you should probably just continue to the next thread in this
group. If I've done my calculations right, and assuming Moore's Law
continues to be valid, a collision could be expected somewhere in the
thirties or forties (of this century). And I'm expecting to see a
SHA-1 collision in a not so far future – in fact, I would have
expected one would have been published by now. But maybe there are
other people out there who at least want to give it a try?

BTW, notice that the architecture is agnostic about the function for
which the project tries to find a collision. If a SHA-1 collision
would be found, it would be relatively easy to switch to the next
hashing function and start working on that one.

For more details and information, including work on the protocol and a
link to my presentation at NDC 2010, see http://home.online.no/~vlaenen/sha1crk/index.html

Filip van Laenen
.