Re: Is MD5 outdated ?
From: Bryan Olson (fakeaddress_at_nowhere.org)
Date: 10/02/03
- Next message: Gregory G Rose: "Re: Is MD5 outdated ?"
- Previous message: Joe Peschel: "Re: Rotor Machine Questions"
- In reply to: Mxsmanic: "Re: Is MD5 outdated ?"
- Next in thread: Mxsmanic: "Re: Is MD5 outdated ?"
- Reply: Mxsmanic: "Re: Is MD5 outdated ?"
Date: Thu, 02 Oct 2003 00:24:55 GMT
Mxsmanic wrote:
> Simon Johnson writes:
>
>
>>I introduce small invisible changes (easily done in formats like Adobe
>>and Word) in both documents until the birthday paradox is invoked and
>>they hash to the same value.
>
>
> But you don't know where the changes will be required, and so they won't
> necessarily be invisible (and in fact will probably be visible). You
> essentially have to make random changes to the document until you get
> the same hash, which is not computationally feasible.

That's a misunderstanding of the attack. He makes many versions
of both, and looks for any collision between a favorable and an
unfavorable document.

>>You then sign the favourable document and then I take
>>your house :)
>
> Fortunately, the decay of protons throughout the universe will have
> rendered the contract moot.

Not in this universe. On MD5, the attack is on the order of
2**64 in both time and space, though there's probably enough
overhead to make it closer to 2**80 operations. With a quick
web-search, I found the half-life of a proton exceeds 10**33
years.

--
--Bryan
firstname dot lastname at domain of the Association for Computing Machinery
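
The two-sided search described in the reply above (many versions of both documents, any collision across the two sets), as an added example that is not part of the original message. It assumes MD5 truncated to 32 bits so it finishes in seconds, a doubled space between words as the "invisible" change, and constructed sample texts; all function names are hypothetical.

```python
import hashlib

# Constructed sample texts; a double space between words stands in for an "invisible" edit.
FAVORABLE = ("The buyer agrees to pay the seller the full asking price for the house "
             "within thirty days of signing and to cover all legal fees in full")
UNFAVORABLE = ("The seller agrees to transfer the house to the buyer at no charge "
               "within thirty days of signing and to cover all legal fees in full")

def short_hash(data: bytes, bits: int) -> int:
    """Top `bits` bits of MD5 (assumption: truncated so the demo is fast)."""
    return int.from_bytes(hashlib.md5(data).digest(), "big") >> (128 - bits)

def variant(text: str, index: int) -> bytes:
    """Bit k of `index` selects a single or double space after word k."""
    words = text.split()
    out = [w + ("  " if (index >> k) & 1 else " ") for k, w in enumerate(words[:-1])]
    return ("".join(out) + words[-1]).encode()

def find_collision(fav: str, unfav: str, bits: int = 32):
    """Return (fav_variant, unfav_variant, hashes_computed), or None if none found."""
    gaps = min(len(fav.split()), len(unfav.split())) - 1
    table_size = 1 << min(bits // 2, gaps)      # about 2**(bits/2) favorable versions
    table = {}
    for i in range(table_size):
        doc = variant(fav, i)
        table[short_hash(doc, bits)] = doc
    for j in range(1 << gaps):                  # unfavorable versions until one matches
        doc = variant(unfav, j)
        hit = table.get(short_hash(doc, bits))
        if hit is not None:
            return hit, doc, table_size + j + 1
    return None

if __name__ == "__main__":
    result = find_collision(FAVORABLE, UNFAVORABLE)
    if result:
        a, b, work = result
        print(f"32-bit collision after {work} hashes (about 2**{work.bit_length() - 1})")
        # The full 128-bit digests still differ; only the truncated prefix matches.
        print(hashlib.md5(a).hexdigest(), hashlib.md5(b).hexdigest())
```

The work grows as roughly 2**(bits/2) on each side, which is where the 2**64 figure for a 128-bit digest comes from.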