Researchers urge industry to retract standard SHA-1 quickly

Researchers are urging the industry to retract standard SHA-1 as soon as possible. In as little as three months, the SHA-1 internet security standard used for digital signatures and set to be phased out by January 2017, could be broken by motivated hackers, a team of international researchers found. “We urge the industry to consider shifting this deadline up and enterprises should not wait any longer to migrate to SHA-2.” More details and recommendations are available in the group’s technical report.