Tobias DiPasquale on 16 Feb 2005 23:37:44 -0000
On Feb 16, 2005, at 4:48 PM, John Fiore wrote:

> DES keys are 56 bits, which makes it 8192 times as hard on average, not 32.

I said full DES, which uses a 64 bit key. Standard DES uses a 56 bit key.

> The paper hasn't been released yet, but as I understand it, this is just to generate one collision. It doesn't mean that if you have a hash that you can create another object that has the same hash value.

The point of a cryptographic message digest is to produce a unique and irreversible transformation on the data source within the period. If an implementation fails this premise it should not be used since the cryptographic implementations that include such a digest require it to provide those properties in order to perform their functions correctly. If one piece is failing, the integrity of the entire chain is at risk. Also, only in public key cryptography do there exist better-than-brute-force attacks possible against a technique that don't render that technique "broken" (e.g. QFS, NFS). SHA-1 is not public key cryptography.

> This still takes 2^(160) operations.

This is the worst case. The average case would be approximately 2**80 iterations.

> Of course you can string many machines together to do this in parallel, and there's Moore's Law, and while I agree with you that there's nothing wrong with switching to SHA-256, 385, or 512, I just don't think that there's any reason for everyone to go bananas.

I never advocated going bananas. I advocated replacing SHA-1 with an as-yet-unbroken message digest algorithm. If the lock broke on your front door, wouldn't you replace it? The real problem here is that SHA-* and RIPEMD* are all based on the same unbalanced Feistel network structure and are thus potentially vulnerable to the same type of attack. I would like to see cryptographic implementations start to implement MDs that do not use this technique.

-- 
Tobias DiPasquale
7A79 308C 0354 EA9C 7807 ED83 03C9 9E01 148E 7D01

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
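
An added example, not part of the original message: it illustrates the distinction raised in the thread between generating one collision and matching the hash of a given object, using SHA-1 truncated to a few bits so both searches finish quickly. The function names, message formats and target string are constructed for illustration. For an n-bit digest the birthday search needs on the order of 2^(n/2) hashes, while the fixed-target search needs on the order of 2^n.

```python
import hashlib
from itertools import count


def trunc_sha1(msg: bytes, bits: int) -> int:
    """Return the top `bits` bits of SHA-1(msg) as an integer."""
    digest = int.from_bytes(hashlib.sha1(msg).digest(), "big")
    return digest >> (160 - bits)


def find_collision(bits: int):
    """Birthday search: any two distinct messages with equal truncated hash.

    Returns (msg_a, msg_b, hashes_computed). By the pigeonhole principle
    this terminates after at most 2**bits + 1 hashes.
    """
    seen = {}
    for i in count():
        msg = b"msg-%d" % i          # constructed candidate messages
        h = trunc_sha1(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg


def find_second_preimage(target: bytes, bits: int):
    """Fixed-target search: a different message matching target's hash.

    Returns (msg, hashes_computed). Expected cost is about 2**bits hashes.
    """
    goal = trunc_sha1(target, bits)
    for i in count():
        msg = b"try-%d" % i          # constructed candidate messages
        if msg != target and trunc_sha1(msg, bits) == goal:
            return msg, i + 1


if __name__ == "__main__":
    BITS = 16  # toy digest size; full SHA-1 is 160 bits
    a, b, c_work = find_collision(BITS)
    print(f"collision: {a!r} / {b!r} after {c_work} hashes")
    target = b"constructed target document"
    m, p_work = find_second_preimage(target, BITS)
    print(f"second preimage: {m!r} after {p_work} hashes")
```
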