[IMC-Tech] HASHING IS POINTLESS
Shayne O'Neill
shayne at perthimc.asn.au
Mon Jun 27 01:44:14 PDT 2005
Its sort of a one way encryption that cant be decrypted by anything. Or
thats the theory. Its also often used to uniquely verify tthe integrity of
something. (If a file is 'hashed' it produces a big long number. Only that
file can produce that number. Thus if you know the hash of a file you can
tell if the file has been tampered with)
With passwords often the password is never stored on a server, just its
hash. When you put your password in, it hashes it, then compares with the
version on the server. if they match its all good.
A colision is where two passwords or files or IP addresses or whatever
produce the same hash. Generally a bad thing, with a few specific
exceptions.
On Mon, 27 Jun 2005, Franz Treml wrote:
> sorry just for understanding can someone explain for me what a hash is ? or
> a reverse ? if it takes too much time no matter forget it
> Thx
>
> > --- Ursprüngliche Nachricht ---
> > Von: xmux <xmux at riseup.net>
> > An: imc-tech at lists.indymedia.org
> > Betreff: Re: [IMC-Tech] HASHING IS POINTLESS
> > Datum: Sun, 26 Jun 2005 22:45:46 -0300
> >
> > Heh, I would say that "HASHING IS POINTLESS" is a pretty alarmist thing
> > to say.
> >
> > This attack, like the recently published attacks on MD5, is a
> > _collision_ attack which doesn't affect the majority of security
> > applications of cryptographic hashes (except perhaps some uses of
> > digital signatures). A collision attack means that you have found a way
> > to generate two different plaintexts (they don't even have to be
> > meaningful) that hash to the same thing and that you can do it more
> > efficiently than brute force (2 ^ (n / 2)). A lot of people suspect
> > that creating a hash function that is completely resistant to this type
> > of attack might not even be possible.
> >
> > A much more difficult and dangerous attack that would break a lot of
> > things would be discovering an efficient way to take the output of a
> > hash function (a hash) and "reverse" it to generate a plaintext that
> > will hash to the original value. This type of attack is called a
> > preimage attack and no such attack currently exists on any cryptographic
> > hash.
> >
> > cheers,
> >
> > xmux
> >
> >
> >
> >
> >
> >
> > Rémi Dièze wrote:
> >
> > >Hi !
> > >
> > >Now there's a copy of the paper about SHA-1 collision on the web. You
> > >can read "Finding Collisions in the Full SHA-1," by Xiaoyun Wang
> > >
> > >http://www.schneier.com/blog/archives/2005/06/sha_cryptanalys.html
> > >
> > >R.#.
> > >
> > >_______________________________________________
> > >imc-tech mailing list
> > >imc-tech at lists.indymedia.org
> > >http://lists.indymedia.org/mailman/listinfo/imc-tech
> > >
> > >
> > >
> >
> > _______________________________________________
> > imc-tech mailing list
> > imc-tech at lists.indymedia.org
> > http://lists.indymedia.org/mailman/listinfo/imc-tech
> >
>
> --
> Geschenkt: 3 Monate GMX ProMail gratis + 3 Ausgaben stern gratis
> ++ Jetzt anmelden & testen ++ http://www.gmx.net/de/go/promail ++
>
> --
> Geschenkt: 3 Monate GMX ProMail gratis + 3 Ausgaben stern gratis
> ++ Jetzt anmelden & testen ++ http://www.gmx.net/de/go/promail ++
> _______________________________________________
> imc-tech mailing list
> imc-tech at lists.indymedia.org
> http://lists.indymedia.org/mailman/listinfo/imc-tech
>
More information about the imc-tech
mailing list