Re: SHA-1 broken

From: Damian Menscher (menscher_at_uiuc.edu)
Date: 02/20/05

  • Next message: John Richard Moser: "Re: Joint encryption?"
    Date: Sun, 20 Feb 2005 11:35:59 -0600 (CST)
    To: securityfocus@microtechnical.co.uk
    
    

    On Sat, 19 Feb 2005 securityfocus@microtechnical.co.uk wrote:
    >
    > In much the same way if the original text was 'I owe you 1 million
    > dollars' and the collision text was 'sdf86*&6989h,mni lkj99j' it's not
    > significant.

    Hey, Nick. I want to confirm that I've installed GPG correctly. Would
    you mind signing some random text, say, "sdf86*&6989h,mni lkj99j", so I
    can test it?

    I'll admit I agree with your point, though. The demonstrated collisions
    in MD5 (none have been demonstrated in SHA-1 yet) varied four high-order
    bits. So it'd be fairly unrealistic (in the real world) to generate a
    useful collision. Here I define "useful" to mean at least one side has
    to be intelligible (as opposed to your definition of having both sides
    be intelligible).

    Damian Menscher

    -- 
    -=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=-
    -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=-
    -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=-
    -=#| <menscher@uiuc.edu> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=-
    -=#| The above opinions are not necessarily those of my employers. |#=-
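
An added example (not part of the original post) of the point behind the request to sign "random" text: a hash-then-sign scheme authenticates only the digest, so a signature on gibberish also verifies for any intelligible message with the same digest. Assumptions: `weak_digest` truncates SHA-1 to 16 bits so that brute force finds a match quickly (here even for a fixed gibberish string, which is stronger than a collision), HMAC stands in for the signature primitive, and the key and the "(ref N)" field are constructed.

```python
import hashlib
import hmac
import itertools

WEAK_BITS = 16  # assumption: truncated SHA-1 models a hash whose collisions are cheap


def weak_digest(message: bytes) -> bytes:
    """Toy hash: the first WEAK_BITS bits of SHA-1."""
    return hashlib.sha1(message).digest()[: WEAK_BITS // 8]


def sign(key: bytes, message: bytes) -> bytes:
    """Hash-then-sign: only the digest is authenticated.
    HMAC-SHA256 stands in for the real signature primitive."""
    return hmac.new(key, weak_digest(message), hashlib.sha256).digest()


def verify(key: bytes, message: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(key, message), signature)


def find_matching_variant(target_digest: bytes, template: bytes) -> bytes:
    """Vary the template's counter field until its digest equals target_digest."""
    for n in itertools.count():
        candidate = template % n
        if weak_digest(candidate) == target_digest:
            return candidate


def demo():
    key = b"constructed-demo-key"               # constructed sample key
    gibberish = b"sdf86*&6989h,mni lkj99j"      # the "random text" from the thread
    signature = sign(key, gibberish)            # signer believes this is harmless
    intelligible = find_matching_variant(
        weak_digest(gibberish), b"I owe you 1 million dollars (ref %d)"
    )
    # The signature was made over the gibberish, yet it verifies here too.
    return gibberish, intelligible, signature, verify(key, intelligible, signature)


if __name__ == "__main__":
    g, i, sig, ok = demo()
    print(g, i, sig.hex(), ok, sep="\n")
```

The full SHA-1 digests of the two messages differ; only the weakened digest matches, which is what a practical collision in the real hash would provide.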
    
