[IMC-Tech] HASHING IS POINTLESS
xmux
xmux at riseup.net
Sun Jun 26 18:45:46 PDT 2005
Heh, I would say that "HASHING IS POINTLESS" is a pretty alarmist thing
to say.

This attack, like the recently published attacks on MD5, is a
_collision_ attack which doesn't affect the majority of security
applications of cryptographic hashes (except perhaps some uses of
digital signatures). A collision attack means that you have found a way
to generate two different plaintexts (they don't even have to be
meaningful) that hash to the same thing and that you can do it more
efficiently than brute force (2 ^ (n / 2)). A lot of people suspect
that creating a hash function that is completely resistant to this type
of attack might not even be possible.

A much more difficult and dangerous attack that would break a lot of
things would be discovering an efficient way to take the output of a
hash function (a hash) and "reverse" it to generate a plaintext that
will hash to the original value. This type of attack is called a
preimage attack and no such attack currently exists on any cryptographic
hash.

cheers,
xmux

Rémi Dièze wrote:
>Hi !
>
>Now there's a copy of the paper about SHA-1 collision on the web. You
>can read "Finding Collisions in the Full SHA-1," by Xiaoyun Wang
>
>http://www.schneier.com/blog/archives/2005/06/sha_cryptanalys.html
>
>R.#.
>
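
Added example, not part of the original post or thread: the difference between a collision search and a preimage search, measured on a deliberately tiny hash. The names toy_hash, find_collision, find_preimage and average_work are constructed for this illustration, and the 16-bit hash is SHA-256 truncated so that both brute-force searches finish in about a second.

```python
import hashlib
from itertools import count

def toy_hash(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256: a deliberately tiny n-bit hash (constructed)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)

def find_collision(bits: int, label: int = 0):
    """Birthday search: any two distinct messages with the same hash."""
    seen = {}
    for i in count():
        msg = b"c%d-%d" % (label, i)
        h = toy_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1      # work is about 2^(n/2)
        seen[h] = msg

def find_preimage(target: int, bits: int, label: int = 0):
    """Brute force: a message whose hash equals one fixed, given output."""
    for i in count():
        msg = b"p%d-%d" % (label, i)
        if toy_hash(msg, bits) == target:
            return msg, i + 1               # work is about 2^n

def average_work(bits: int = 16, trials: int = 8):
    """Mean number of hash calls for each search over several trials."""
    coll = pre = 0
    for t in range(trials):
        coll += find_collision(bits, t)[2]
        target = toy_hash(b"secret-%d" % t, bits)   # constructed target
        pre += find_preimage(target, bits, t)[1]
    return coll / trials, pre / trials

if __name__ == "__main__":
    c, p = average_work()
    print(f"n=16: collision ~{c:.0f} hashes (2^8 = 256), "
          f"preimage ~{p:.0f} hashes (2^16 = 65536)")
```

The collision search is free to pick both messages, so it finishes after a few hundred hashes; the preimage search must hit one fixed output and needs tens of thousands. At a real digest size of n = 160 the same gap is 2^80 against 2^160.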