Re: $10,000 CertainKey Challange Awarded

From: WinTerMiNator (me_at_privacy.net)
Date: 02/19/05

• Next message: jstevh_at_msn.com: "Re: Factoring, sf, and reasonable requests"
• Previous message: Décio Luiz Gazzoni Filho: "Re: Easy test of surrogate factoring"
• In reply to: Gregory G Rose: "Re: $10,000 CertainKey Challange Awarded"
• Next in thread: tomstdenis_at_gmail.com: "Re: $10,000 CertainKey Challange Awarded"
• Reply: tomstdenis_at_gmail.com: "Re: $10,000 CertainKey Challange Awarded"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 19 Feb 2005 13:26:40 +0100

"Gregory G Rose" <ggr@qualcomm.com> a écrit dans le message de news:
cv62bl$15q@qualcomm.com...
> In article <37n34aF5fgc69U1@individual.net>,
> WinTerMiNator <me@privacy.net> wrote:
>>- Use both, concatenate MD5+SHA1 of same file. Works also with SHA1+TIGER
>>or
>>SHA256+GOST... Unlikely that a collision for a given hash also collides
>>for
>>the second one!
>
> Intuitively obvious, and completely incorrect.
>
> Greg.
Hello Greg,

- First, the fact to concatenate two hashes increase the difficulty of
"birthday attack": for example, with SHA1+TIGER one would need to generate
~2^((160+192)/2) = 2^176 documents to have a ~0.5 probability to find a
collision.
- Secondly, the best choices here are to concatenate hashes algorithms
coming from different origins: MD5+SHA1 is the "bad" choice, since both are
"descendents" of MD4 and might suffer of the same kind of defect. SHA1+TIGER
or SHA256+GOST (the hash Russian standard, not the cipher one) are of
different origins and are probably not sensitive to the same attack.

Now that I have developed my thoughts, could you develop your "completely
incorrect"?

Regards,

-- 
Michel Nallino aka WinTerMiNator
http://www.winterminator.fr.st (Internet et sécurité)
http://www.gnupgwin.fr.st (GnuPG pour Windows)
Adresse e-mail invalide; pour me contacter:
http://www.cerbermail.com/?vdU5HHs5WG 

---

• Next message: jstevh_at_msn.com: "Re: Factoring, sf, and reasonable requests"
• Previous message: Décio Luiz Gazzoni Filho: "Re: Easy test of surrogate factoring"
• In reply to: Gregory G Rose: "Re: $10,000 CertainKey Challange Awarded"
• Next in thread: tomstdenis_at_gmail.com: "Re: $10,000 CertainKey Challange Awarded"
• Reply: tomstdenis_at_gmail.com: "Re: $10,000 CertainKey Challange Awarded"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages using & to concatenate result is yuck ... Am trying to concatenate to cells using & the result is ... incorrect. ... result turning to crap. ... (microsoft.public.excel.worksheet.functions) Re: how to use define in a string? ... "Incorrect number of arguments, ... Assuming `FSDB_FILE is a quoted string (i.e., contains quotes), you ... can concatenate them together: ... (comp.lang.verilog) Concatenation ... I have a query that I am trying to concatenate more than ... I am able to concatenate 2 fields, ... know is incorrect. ... Are there limits to concatenating or known ... (microsoft.public.access.queries)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > sci.crypt  > 2005-02