During a routine security audit, the administrator discovers that two different archived log files produce the exact same SHA-1 hash value, even though their contents differ. Which type of cryptographic attack does this finding most likely indicate?
A collision attack specifically targets the collision resistance property of a hash function: it tries to generate two distinct inputs that yield the same hash value. Discovering two different files with an identical digest is the textbook symptom of such an attack.
Why the others are wrong:
Birthday attack: Although it exploits the birthday paradox to find a collision faster, it does not fit the scenario where a collision has already been observed.
Downgrade attack: Forces parties to use a weaker algorithm or protocol version; it does not involve identical hashes for different inputs.
Replay attack: Captures and reuses valid authentication data but does not manipulate hash functions or create identical digests.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a collision attack?
Open an interactive chat with Bash
What are hash functions and how do they work?
Open an interactive chat with Bash
What are some examples of hashing algorithms that can be vulnerable to collision attacks?