
Replace JS implementation of SHA1 with SubtleCrypto

Open schmijos opened this issue 1 year ago • 1 comments

Reimplementing the hashing algorithm in JavaScript (see Hashcash.sha1) renders this library vulnerable to one specific attack: An attacker could fork this library and use a faster implementation of SHA1 and address all users of active_hashcash.

I'd like to suggest that we replace the custom SHA1 implementation with one from the Web Crypto API. I suspect this is rather easy and would give 10-20 times more protection according to your note in the README.

The hashing function to be used would probably be the one with most widely-accessible on-chip support and equal performance distribution.

If you want to dig deep, have a look at the testing distributions of SHA512. On that site I also found it very interesting to look at what hash functions even exist.

schmijos, Feb 29 '24 09:02

Absolutely, improving the speed of SHA1 is critical.

I also thought the Crypto API should be faster than a custom SHA1, but that wasn't the case. That is why I switched here 2df3ba5983cf93bec85035dde74de1e4f03c3c66. But probably I misused the Crypto API.

I also have the idea to compile the SHA1 in wasm. If you have any experience in one of those, that would be greatly appreciated!

alexisbernard, Feb 29 '24 16:02
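The SubtleCrypto approach discussed in this thread, as an added example that is not part of the issue or of active_hashcash's code: a hashcash-style stamp is minted with `crypto.subtle.digest` and checked the way a server would check it. The stamp layout (classic hashcash v1) and the names `mintStamp`, `verifyStamp` and `leadingZeroBits` are assumptions; the library's own format is not shown on this page.

```javascript
// Added example, not active_hashcash code. Assumed stamp layout (classic hashcash v1):
//   1:bits:date:resource:ext:rand:counter
// Browsers and Node 20+ expose crypto.subtle globally; require() is a fallback for older Node.
const subtle = globalThis.crypto?.subtle ?? require("node:crypto").webcrypto.subtle;
const encoder = new TextEncoder();

// Number of leading zero bits in a digest (Uint8Array).
function leadingZeroBits(bytes) {
  let bits = 0;
  for (const b of bytes) {
    if (b === 0) { bits += 8; continue; }
    return bits + Math.clz32(b) - 24; // clz32 counts over 32 bits, a byte uses the low 8
  }
  return bits;
}

// SubtleCrypto.digest is asynchronous: every candidate costs one awaited Promise.
async function sha1(text) {
  return new Uint8Array(await subtle.digest("SHA-1", encoder.encode(text)));
}

// Client: try counters until the stamp's SHA-1 has at least `bits` leading zero bits.
async function mintStamp(resource, bits, date, rand, maxTries = 1 << 22) {
  const prefix = `1:${bits}:${date}:${resource}::${rand}:`;
  for (let counter = 0; counter < maxTries; counter++) {
    const stamp = prefix + counter.toString(36);
    if (leadingZeroBits(await sha1(stamp)) >= bits) return stamp;
  }
  throw new Error("no stamp found within maxTries");
}

// Server: a single hash plus field checks, so a stamp minted for another
// resource or at a lower cost than required is rejected.
async function verifyStamp(stamp, resource, minBits) {
  const parts = stamp.split(":");
  if (parts.length !== 7 || parts[0] !== "1") return false;
  const bits = Number(parts[1]);
  if (!Number.isInteger(bits) || bits < minBits) return false;
  if (parts[3] !== resource) return false;
  return leadingZeroBits(await sha1(stamp)) >= bits;
}
```

A production verifier would also check the date field for freshness and reject stamps it has already accepted; both are left out here.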