Full Disclosure
mailing list archives
Re: In case y'all didn't catch it yet...
From: Martin Eian <eian () samfundet no>
Date: Thu, 17 Feb 2005 15:59:45 +0100
> One possibility is brute forcing password hashes. If one has this hash
> '988881adc9fc3655077dc2d4d757d480b5ea0e11', less time is now needed to brute
> force it and gain access to something.

Not really. Here's why:

Bruce Schneier wrote that the research team had found collisions in
SHA1 in 2**69 operations. A collision won't help you brute force a
password hash. What you just described is a preimage, not a collision.

From "Handbook of Applied Cryptography" [1], chapter 9, subsection
9.2.2, pages 323-324:

1. preimage resistance - for essentially all pre-specified outputs, it
is computationally infeasible to find any input which hashes to that
output, i.e., to find any preimage x' such that h(x') = y when given any
y for which a corresponding input is not known.

2. 2nd-preimage resistance - it is computationally infeasible to find
any second input which has the same output as any specified input, i.e.,
given x, to find a 2nd-preimage x' =/= x such that h(x) = h(x').

3. collision resistance - it is computationally infeasible to find any
two distinct inputs x,x' which hash to the same output, i.e., such that
h(x) = h(x'). (Note that here there is free choice of both inputs.)

[1] http://www.cacr.math.uwaterloo.ca/hac/

Martin Eian
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/fulldisclosurecharter.html
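
The gap between properties 1 and 3 above can be measured on a toy hash. This is an added example, not part of the original message: it truncates SHA-1 to 16 bits (an assumption, so both searches finish in seconds) and counts hash calls for a collision search versus a preimage search against the truncated form of the digest quoted in the thread. The function names are hypothetical.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest width (assumption); real SHA-1 is 160 bits
# Digest quoted in the thread, used here only as a fixed target value.
QUOTED = "988881adc9fc3655077dc2d4d757d480b5ea0e11"


def h(msg: bytes, bits: int = BITS) -> int:
    """Toy hash: the top `bits` bits of SHA-1(msg)."""
    return int.from_bytes(hashlib.sha1(msg).digest(), "big") >> (160 - bits)


def find_collision(bits: int = BITS):
    """Property 3: free choice of BOTH inputs, so a birthday search
    over a table of seen digests needs about 2**(bits/2) hash calls."""
    seen = {}
    for i in count():
        msg = b"c%d" % i
        d = h(msg, bits)
        if d in seen:
            return seen[d], msg, i + 1
        seen[d] = msg


def find_preimage(target: int, bits: int = BITS):
    """Property 1: the output is fixed in advance (a stored password
    hash), so the search needs about 2**bits hash calls."""
    for i in count():
        msg = b"p%d" % i
        if h(msg, bits) == target:
            return msg, i + 1


def truncated_target(bits: int = BITS) -> int:
    """Top `bits` bits of the digest quoted in the thread."""
    return int(QUOTED, 16) >> (160 - bits)


if __name__ == "__main__":
    a, b, n_coll = find_collision()
    print(f"collision: {a!r} / {b!r} after {n_coll} hash calls")
    pre, n_pre = find_preimage(truncated_target())
    print(f"preimage:  {pre!r} after {n_pre} hash calls")
```

On full SHA-1 the same two generic searches cost about 2**80 and 2**160 hash calls; the 2**69 result mentioned in the message shortens only the first.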
