Re: In case y'all didn't catch it yet...
From: Martin Eian <eian () samfundet no>
Date: Thu, 17 Feb 2005 15:59:45 +0100
> One possibility is brute forcing password hashes. If one has this hash
> '988881adc9fc3655077dc2d4d757d480b5ea0e11', less time is now needed to brute
> force it and gain access to something.

Not really. Here's why:
Bruce Schneier wrote that the research team had found collisions in
SHA-1 in 2**69 operations. A collision won't help you brute force a
password hash. What you just described is a preimage, not a collision.
From "Handbook of Applied Cryptography", chapter 9, subsection
9.2.2, pages 323-324:
1. preimage resistance - for essentially all pre-specified outputs, it
is computationally infeasible to find any input which hashes to that
output, i.e., to find any preimage x' such that h(x') = y when given any
y for which a corresponding input is not known.
2. 2nd-preimage resistance - it is computationally infeasible to find
any second input which has the same output as any specified input, i.e.,
given x, to find a 2nd-preimage x' =/= x such that h(x) = h(x').
3. collision resistance - it is computationally infeasible to find any
two distinct inputs x,x' which hash to the same output, i.e., such that
h(x) = h(x'). (Note that here there is free choice of both inputs.)
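
The distinction drawn in the post above, as an added example that is not part of the original message: SHA-1 is truncated to 20 bits (an assumption made so both searches finish in seconds) and the generic search costs are compared. It shows brute-force search only, not the research team's attack; all function names and the sample password are constructed.

```python
import hashlib
from itertools import count

BITS = 20  # demo digest size (assumption); real SHA-1 output is 160 bits


def h(data: bytes, bits: int = BITS) -> int:
    """SHA-1 truncated to its top `bits` bits."""
    digest = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return digest >> (160 - bits)


def find_collision(bits: int = BITS):
    """Collision: free choice of BOTH inputs, so a birthday search
    succeeds after roughly 2**(bits/2) hashes."""
    seen = {}
    for i in count():
        msg = b"c-%d" % i
        tag = h(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg


def find_preimage(target: int, bits: int = BITS):
    """Preimage: the output y is fixed in advance (a stored password hash),
    so each guess matches with probability 2**-bits."""
    for i in count():
        msg = b"p-%d" % i
        if h(msg, bits) == target:
            return msg, i + 1


if __name__ == "__main__":
    a, b, n_col = find_collision()
    print(f"collision: {a!r} and {b!r} after {n_col} hashes")

    # Constructed stand-in for a stored password hash.
    target = h(b"constructed secret password")
    guess, n_pre = find_preimage(target)
    print(f"preimage:  {guess!r} after {n_pre} hashes")

    # The colliding pair hashes to whatever value the search happened to
    # hit, not to `target`, so it is no help against a given hash.
    print(f"collision value == target? {h(a) == target}")
```

At 160 bits the same generic costs are about 2**80 hashes for a collision and 2**160 for a preimage, which is why a collision result at 2**69 does not change the cost of attacking a given password hash.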