Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Month of Random Hashes: DAY THREE
From: M.B.Jr. <marcio.barbado () gmail com>
Date: Sat, 16 Jun 2007 16:37:17 -0300

On 6/16/07, William Lefkovics <william () lefkovics net> wrote:

I wish I knew more about it when I was younger living in
Vancouver.  Walking
downtown, shady looking characters would walk past and whisper under their
breath... "hash?"


well,
guess that sort of hash also produces confusing outputs aint that...?
=P

Now I understand...

Seriously, thanks for the FAQ'n explanation.


-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of
Valdis.Kletnieks () vt edu
Sent: Friday, June 15, 2007 1:57 PM
To: M.B.Jr.
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Month of Random Hashes: DAY THREE

On Fri, 15 Jun 2007 16:59:01 -0300, "M.B.Jr." said:
> but only one string can produce that md5 hash signature, that sha1
> hash signature, fucking that sha256 hash signature, fucking that
> <any_other> hash signature, etc...

Nope.  There's an infinite number of strings that would produce the same
MD5/sha1/sha256/whatever hash.  The interesting point about such hashes is
that although given a particular string A, we can *easily* compute the
hash
H.
However, knowing H, we don't have a good way to recover A, nor do we have
any easy way to compute a *second* string B that hashes to H.

So, given a hash H, we know one of 3 things is true:

1) The person we got H from has A, and easily computed H.
2) The person doesn't have A, but does have either a way to use several
million CPU-years or a crypto breakthrough to compute some string B that
also hashes to H
3) The person just pulled a pseudo-random string of bits out of their ass,
called it H, and has as little clue about A and B as we do.

At the current time, (2) is believed to be impractical, and (3) fails the
instant the person actually has to produce A itself.  As a result, we can
usually presume that if they have a hash H, they've got the A it hashed
from.

This becomes interesting if you want to prove that you have a prior claim
on
something, without revealing the something (for instance, an advisory or
PoC
for something while you're still working with a vendor about fixing it) -
you can (for instance) post the hash of it on May 1, release the
announcement on July 1, and when others dispute your claim you knew about
it
on May 1, you can point to the hash from May 1, and show it's the same as
the hash of your July 1 announcement, and thus prove you knew about it
back
on that date.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




--
Marcio Barbado, Jr.
==============
==============
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]