
When I start a Tomcat server, I see the log line: "Creation of SecureRandom instance for session ID generation using [SHA1PRNG]".

Here is the question. As far as I know, SHA1 is not secure. If so, is session ID generation using [SHA1PRNG] a problem?

If it is a security problem, what is the (universal) alternative?

  • The question is actually whether `SHA1PRNG` is secure, which means secure *enough*, considering that Tomcat session IDs are rather long. – user207421 Mar 21 '17 at 09:19

2 Answers


The point is: SHA1 is actually broken; see for example https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html

However: this is "only" for collisions, and it took hundreds of CPU hours of processing.

So two points are relevant:

  • You have to have a starting point for the calculation of a collision, which you don't have with a session ID, because if it is leaked nothing helps.
  • A session is only valid for a few hours.

I would not consider it a security risk, at least for short-duration session IDs.

Chris

Short answer: SHA1-PRNG is not broken even though SHA1 is broken.

Long answer:

Cryptographic hash functions are required to have many different properties, the most commonly cited ones being collision resistance, preimage resistance, and second-preimage resistance. But there are other properties we want as well, even though they might not make sense, such as "looking like" a random oracle. We ask for these properties so that hash functions can be used in all sorts of crazy ways and people can think they are getting security from it.

But in reality, different constructs depend upon different properties of the underlying hash function. SHA1 in particular depends upon preimage resistance, not collision resistance or second-preimage resistance.

We know that collisions can be found in SHA1 (we have known it for many years, but a first example collision was only recently published). But nobody has provided evidence that the other desired properties of SHA1 are not satisfied.

As a consequence, constructs that require collision resistance are broken if SHA1 is used, whereas constructs that don't require this property may still be okay. SHA1-PRNG does not require collision resistance for its security. Neither does HMAC-SHA1 (I know many people are wondering about that one too).

TheGreatContini
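The following is an added example, not code from the question, the answers, or Tomcat itself. It is a toy hash-based PRNG loosely modelled on the structure the second answer relies on: each output block is the SHA-1 of a secret state, and the state is advanced by hashing the old state together with the output. The class and function names (`ToyHashPrng`, `session_id`, `brute_force_state`) and the exact state-update rule are my own assumptions and are not Sun's SHA1PRNG implementation. The point it demonstrates is the one the answer makes: an attacker who sees session IDs must invert SHA-1 to recover the state (a preimage), so the known SHA-1 collision does not help; the brute-force function shows that cost is governed by the state size, using a deliberately tiny 12-bit state so it finishes instantly.

```python
"""Toy hash-based PRNG (hypothetical, not Sun's SHA1PRNG) and a preimage search.

out_i      = SHA1(state_i)
state_i+1  = SHA1(state_i || out_i)

Knowing out_i does not reveal state_i or state_i+1 unless SHA-1 can be
inverted, which is preimage resistance, a property that is still unbroken.
"""
import hashlib
import os

STATE_LEN = 20  # bytes; SHA-1 digest size, so the state is 160 bits


class ToyHashPrng:
    """Hash-DRBG-style generator keyed by a secret 160-bit state."""

    def __init__(self, seed: bytes):
        # Compress an arbitrary seed into a 160-bit state with SHA-1.
        self.state = hashlib.sha1(seed).digest()

    @classmethod
    def with_state(cls, state_int: int) -> "ToyHashPrng":
        # Construct with a known (possibly tiny) state; used for the toy attack below.
        obj = cls(b"")
        obj.state = state_int.to_bytes(STATE_LEN, "big")
        return obj

    def next_block(self) -> bytes:
        out = hashlib.sha1(self.state).digest()
        # Feed the old state back in so the output alone does not determine
        # the next state; predicting future output needs the secret state.
        self.state = hashlib.sha1(self.state + out).digest()
        return out

    def next_bytes(self, n: int) -> bytes:
        buf = b""
        while len(buf) < n:
            buf += self.next_block()
        return buf[:n]


def session_id(prng: ToyHashPrng, length: int = 16) -> str:
    """Tomcat-style session ID: hex of `length` random bytes (16 bytes = 128 bits)."""
    return prng.next_bytes(length).hex()


def brute_force_state(output: bytes, state_bits: int) -> int:
    """Recover a truncated state from one output block by exhaustive preimage search.

    Worst-case cost is 2**state_bits SHA-1 evaluations. With the real 160-bit
    state that is infeasible, and a SHA-1 *collision* (two arbitrary inputs
    with the same digest) gives no shortcut: the attacker needs the one state
    that produced this specific output.
    """
    for candidate in range(1 << state_bits):
        if hashlib.sha1(candidate.to_bytes(STATE_LEN, "big")).digest() == output:
            return candidate
    raise ValueError("no preimage found within the given state size")


def predict_after_recovery(leaked_block: bytes, state_bits: int) -> bytes:
    """Once the state is recovered, every later ID is predictable: replay the generator."""
    attacker = ToyHashPrng.with_state(brute_force_state(leaked_block, state_bits))
    attacker.next_block()  # consume the block the attacker already observed
    return attacker.next_block()


if __name__ == "__main__":
    # Realistic use: seed from the OS and hand out 128-bit IDs.
    real = ToyHashPrng(os.urandom(32))
    print("session IDs:", session_id(real), session_id(real))

    # Toy attack: a 12-bit state is inverted in at most 4096 hashes.
    victim = ToyHashPrng.with_state(0x5A7)
    leaked = victim.next_block()
    print("recovered state: 0x%x" % brute_force_state(leaked, 12))
    print("next ID predicted:", predict_after_recovery(leaked, 12) == victim.next_block())
```

The generator is deterministic for a given seed, so the only secret is the state; that is why Tomcat seeds its `SecureRandom` from platform entropy, and why the second answer's argument rests on preimage resistance rather than on the collision result.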