Re: Hash functions and streaming
From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 10/24/05
- Previous message: frank: "Hash functions and streaming"
- In reply to: frank: "Hash functions and streaming"
- Next in thread: Lassi Hippeläinen: "Re: Hash functions and streaming"
Date: Mon, 24 Oct 2005 20:47:09 +0000 (UTC)
In article <1130183109.913479.124080@g14g2000cwa.googlegroups.com>,
frank <francis.moore@gmail.com> wrote:
:I have just heard (although apparently it's old news) that the SHA-1
:algorithm has been fundamentally broken. It doesn't take 2**80 hashes
:for a collision to occur, but only 2**69 hashes.
:I don't really understand what problem is caused by someone finding a
:collision.
:So, my questions are:
:1. Does this mean that they have reversed the hash back to plaintext?
No.
:2. Or have they found some plaintext that hashes to the same value as
:some other plaintext? And if so, why is this considered dangerous?
Yes.
This is dangerous because the new plaintext might say "This is a
billed media stream; automatically pay $25,000 into the following
bank account..."
:4. If the SHA-1 message digest was not encrypted, what is the worst
:that someone could do if they could create a collision?
See above. Or worse.
:5. If the stream is very long and the compromised block is just 60
:seconds or less of that stream, could a hash collision of that one
:block provide a vulnerability for the rest of the stream? Even though
:each block will have a completely different hash?
Yes. Typically in streaming media, blocks identify themselves as
to their type. The injected block doesn't have to identify itself
as pure media data: it could identify itself as some other
block type that the player happens to have a buffer overflow
vulnerability for.
-- I am spammed, therefore I am.
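
The point in the answer to question 5, as an added example that is not part of the original post: a receiver that checks each block's digest and then still validates the block's declared type and length before handing it to a parser. The block framing, the type values, the 4096-byte cap and the use of SHA-256 are assumptions made for illustration; a substituted block carrying its own matching digest stands in for a collision.

```python
import hashlib
import hmac
import struct

# Hypothetical block framing (an assumption, not taken from the post):
#   1 byte type | 2 bytes big-endian payload length | payload
HEADER = struct.Struct(">BH")
ALLOWED_TYPES = {0x01: "audio", 0x02: "video"}  # every other type is refused
MAX_PAYLOAD = 4096                               # size of the player's fixed buffer


class BlockRejected(Exception):
    """Raised when a block must not reach the media parsers."""


def make_block(block_type: int, payload: bytes) -> bytes:
    """Build a constructed sample block in the hypothetical framing."""
    return HEADER.pack(block_type, len(payload)) + payload


def digest(block: bytes) -> bytes:
    return hashlib.sha256(block).digest()


def accept_block(block: bytes, expected_digest: bytes) -> tuple[str, bytes]:
    """Return (type name, payload) or raise BlockRejected."""
    # 1. Integrity: constant-time comparison against the trusted digest.
    if not hmac.compare_digest(digest(block), expected_digest):
        raise BlockRejected("digest mismatch")
    # 2. Structure: a matching digest says nothing about what the block
    #    claims to be, so the self-declared type and length are checked too.
    if len(block) < HEADER.size:
        raise BlockRejected("truncated header")
    block_type, length = HEADER.unpack_from(block)
    if block_type not in ALLOWED_TYPES:
        raise BlockRejected(f"unexpected block type 0x{block_type:02x}")
    if length > MAX_PAYLOAD or length != len(block) - HEADER.size:
        raise BlockRejected("declared length out of bounds")
    return ALLOWED_TYPES[block_type], block[HEADER.size:]
```
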