Re: Manual hashing

From: Bryan Olson (fakeaddress_at_nowhere.org)
Date: 06/30/04


Date: Wed, 30 Jun 2004 06:45:57 GMT

Mok-Kong Shen wrote:
> Bryan Olson wrote:
>> I spoon-fed the detailed steps to find preimages of any hash.
>> Here, let's look again:
>>
>> one can obviously find preimages of any given digest: start
>> with any of the 2^(2n) preimages of the last XOR, then
>> decrypt to reverse the previous steps.
>
> [snip]
>
> I think we have arrived at a really good point for clearing
> up certain confusions
[...]
> one would get from an
> 'arbitrarily' chosen (computed) preimages of the last XOR
> certain blocks that are to be designated C1' etc. (i.e. not
> identical to the C1 etc. of the process of deriving the hash)
> and so one would get finally A1' etc. in the reversing
> procedure. The A1' etc. are almost invariably (excepting
> by 'pure chance') not the same as A1 etc. So what does one
> achieve with this computation, excepting that, if one makes
> about half of 2^(2n) attempts, one would hit on the right
> original data (the original user-given A1 etc.)?

I've explained what it achieves over and over: The attacker can
efficiently find preimages of any given digest; he can easily
find collisions. You proposed a hash function in sci.crypt,
where you have several times *cited* references that discuss
cryptographic hash functions using exactly those terms.

When in this thread, you wrote (of a hypothetical manual
scheme):

     In other words, some (even though rather poor) approximation
     of the qualities commonly required of computer-based hashing
     for crypto purposes is to be targeted.

What did you think those qualities to be? Why have you not read
the references you've so often cited to others? Did you not
check what the basic security properties of cryptographic hashes
are, before you decided to design one? Even if you didn't know
what 'preimages' and 'collisions' are, why didn't you look them
up before responding to my posts?

A dozen or so posts ago, I wrote:

     I recommend studying the structure, motivation, and analysis
     of hashing methods before nominating further candidates of
     your own.

I, and others, have given you similar advice on other topics,
often after refuting some clueless notion you decided to post.
Has it dawned on you yet that it might be good advice?

-- 
--Bryan
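
Added example, not part of the original post and not code from either poster: a constructed toy hash with the structure the quoted steps imply, that is, invertible encryption steps under a fixed public key followed by a final XOR of three n-bit blocks. The chaining, the small Feistel cipher, and the names toy_hash and find_preimage are assumptions made for illustration; the scheme discussed in the thread is not reproduced on this page.

```python
import hashlib
import secrets

N = 4                      # block size in bytes (n = 32 bits), constructed toy value
KEY = b"fixed-public-key"  # an unkeyed hash has no secret: the attacker knows this

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(rnd, half):
    # Feistel round function; it does not need to be invertible itself
    return hashlib.sha256(KEY + bytes([rnd]) + half).digest()[:N // 2]

def encrypt(block):
    l, r = block[:N // 2], block[N // 2:]
    for rnd in range(4):
        l, r = r, xor(l, _f(rnd, r))
    return l + r

def decrypt(block):
    l, r = block[:N // 2], block[N // 2:]
    for rnd in reversed(range(4)):
        l, r = xor(r, _f(rnd, l)), l
    return l + r

def toy_hash(a1, a2, a3):
    # Assumed structure: chained encryption, then XOR of the three results
    c1 = encrypt(a1)
    c2 = encrypt(xor(a2, c1))
    c3 = encrypt(xor(a3, c2))
    return xor(xor(c1, c2), c3)

def find_preimage(digest, c1=None, c2=None):
    # Choose any preimage (c1, c2, c3) of the last XOR: c1 and c2 are free
    # (2^(2n) choices) and c3 is then forced by the digest.
    c1 = secrets.token_bytes(N) if c1 is None else c1
    c2 = secrets.token_bytes(N) if c2 is None else c2
    c3 = xor(xor(digest, c1), c2)
    # Decrypt to reverse the previous steps and recover input blocks
    return decrypt(c1), xor(decrypt(c2), c1), xor(decrypt(c3), c2)

if __name__ == "__main__":
    target = toy_hash(b"pay ", b"Bob ", b"$10 ")   # constructed sample message
    m1 = find_preimage(target)
    m2 = find_preimage(target)   # a second preimage of the same digest: a collision
    print(target.hex(), [b.hex() for b in m1], [b.hex() for b in m2])
    print(toy_hash(*m1) == target, toy_hash(*m2) == target)
```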

