D2, MD4, MD5, SHA1 signature algorithms are known to be vulnerable to collision attacks. Attackers can exploit this to generate another certificate with the same digital signature, allowing them to masquerade as the affected service.
A hash function takes a variable-length digital input and coverts it into a fixed-length random hash value.
Hasing algorthems like MD5 and SHA-1 are vulnerable to collision attacks. In a collision attack an attacker finds two messages with the same hashed output and sends the incorrect one to the receiver.
It is recommended to use safer alternatives, such as SHA-256, SHA-512, SHA-3.
import hashlib import Crypto m1 = hashlib.md5() # Insecure, Use of MD5 m2 = hashlib.sha1() # Insecure, Use of SHA1 m3 = Crypto.Hash.MD5.new() # Insecure, Use of MD5
import hashlib import Crypto m1 = hashlib.sha512() m2 = hashlib.sha256() m3 = Crypto.Hash.SHA256.new()