John Fiore on 16 Feb 2005 21:48:36 -0000 |
> On Feb 16, 2005, at 3:30 PM, John Fiore wrote: > > It takes 2^(69) operations to find a collision. > > That's still a huge number. > > It's only 32 times bigger than what is required to > crack the original, > full DES by brute force. That's not that much with > today's hardware. Tobias, DES keys are 56 bits, which makes it 8192 times as hard on average, not 32. Assuming that you can find a collision in 2^(69) operations, that you can do 1000 operations/microsecond, it'd take about 19,000 years. The paper hasn't been released yet, but as I understand it, this is just to generate one collision. It doesn't mean that if you have a hash that you can create another object that has the same hash value. This still takes 2^(160) operations. Of course you can string many machines together to do this in parallel, and there's Moore's Law, and while I agree with you that there's nothing wrong with switching to SHA-256, 385, or 512, I just don't think that there's any reason for everyone to go bananas. John ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|