Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: In case y'all didn't catch it yet...
From: Martin Eian <eian () samfundet no>
Date: Thu, 17 Feb 2005 15:59:45 +0100

One possibility is brute forcing password hashes. If one has this hash '988881adc9fc3655077dc2d4d757d480b5ea0e11', less time is now needed to brute force it and gain access to something.

Not really. Here's why:

Bruce Schneier wrote that the research team had found collisions in SHA-1 in 2**69 operations. A collision won't help you brute force a password hash. What you just described is a preimage, not a collision.

From "Handbook of Applied Cryptography" [1], chapter 9, subsection 9.2.2, pages 323-324:

1. preimage resistance - for essentially all pre-specified outputs, it is computationally infeasible to find any input which hashes to that output, i.e., to find any preimage x' such that h(x') = y when given any y for which a corresponding input is not known.

2. 2nd-preimage resistance - it is computationally infeasible to find any second input which has the same output as any specified input, i.e., given x, to find a 2nd-preimage x' =/= x such that h(x) = h(x').

3. collision resistance - it is computationally infeasible to find any two distinct inputs x,x' which hash to the same output, i.e., such that h(x) = h(x'). (Note that here there is free choice of both inputs.)

[1] http://www.cacr.math.uwaterloo.ca/hac/

Martin Eian
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]