Re: MD5 and SHA-1 Digest: What is the probability of repeating hash-values?
From: Jim Gillogly (jim_at_acm.org)
Date: 10/27/03
- Next message: DJohn37050: "Re: NSA chooses ECC"
- Previous message: Neko: "need advice"
- In reply to: Anton Spaans: "Re: MD5 and SHA-1 Digest: What is the probability of repeating hash-values?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 27 Oct 2003 21:53:32 GMT
Anton Spaans wrote:
> But i was asking how well MD5 'spreads' all the possible original messages
> over these 2^128 possible hash-values.
> As i came to understand: 'pretty' well. ;-)
That's both stronger and weaker than I would put it. I'd say rather
that we have no reason to believe that MD5 doesn't spread the hash
values very well. That is, so far as I know we don't have theory
to say whether it's spread "pretty well" or even "moderately well",
but also no evidence to say that it's worse than "very well". It's
not even clear what that means: for example, for some applications
you might be made nervous by an n-bit hash function that assigns
each n-bit integer to a different hash value rather than spreading
them out more "randomly"; for others you'd prefer this feature, and
perhaps use an n-bit block cipher with secret key to accomplish it.
-- Jim Gillogly
- Next message: DJohn37050: "Re: NSA chooses ECC"
- Previous message: Neko: "need advice"
- In reply to: Anton Spaans: "Re: MD5 and SHA-1 Digest: What is the probability of repeating hash-values?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
