During a routine security audit, the administrator discovers that two different archived log files produce the exact same SHA-1 hash value, even though their contents differ. Which type of cryptographic attack does this finding most likely indicate?
A collision attack specifically targets the collision resistance property of a hash function: it tries to generate two distinct inputs that yield the same hash value. Discovering two different files with an identical digest is the textbook symptom of such an attack.
Why the others are wrong:
Birthday attack: Although it exploits the birthday paradox to find a collision faster, it does not fit the scenario where a collision has already been observed.
Downgrade attack: Forces parties to use a weaker algorithm or protocol version; it does not involve identical hashes for different inputs.
Replay attack: Captures and reuses valid authentication data but does not manipulate hash functions or create identical digests.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are hash functions and why are they important in cybersecurity?
Open an interactive chat with Bash
Why is collision resistance significant for hash functions?
Open an interactive chat with Bash
How does a Birthday attack relate to a collision attack, and how are they different?