Re: $10,000 CertainKey Challange Awarded

From: WinTerMiNator (me_at_privacy.net)
Date: 02/21/05

Next message: Brian Inglis: "Re: Thou shalt have no other gods before the ANSI C standard"
Previous message: Nora Baron: "Re: SF: Doesn't work?"
In reply to: tomstdenis_at_gmail.com: "Re: $10,000 CertainKey Challange Awarded"
Next in thread: Jean-Luc Cooke: "Re: $10,000 CertainKey Challange Awarded"
Reply: Jean-Luc Cooke: "Re: $10,000 CertainKey Challange Awarded"
Reply: tomstdenis_at_gmail.com: "Re: $10,000 CertainKey Challange Awarded"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 21 Feb 2005 20:03:31 +0100

tomstdenis@gmail.com wrote:
> WinTerMiNator wrote:
>> "Gregory G Rose" <ggr@qualcomm.com> a écrit dans le message de news:
>
>> cv62bl$15q@qualcomm.com...
>>> In article <37n34aF5fgc69U1@individual.net>,
>>> WinTerMiNator <me@privacy.net> wrote:
>>>> - Use both, concatenate MD5+SHA1 of same file. Works also with
>>>> SHA1+TIGER or
>>>> SHA256+GOST... Unlikely that a collision for a given hash also
>>>> collides for
>>>> the second one!
>>>
>>> Intuitively obvious, and completely incorrect.
>>>
>>> Greg.
>> Hello Greg,
>>
>> - First, the fact to concatenate two hashes increase the difficulty
>> of "birthday attack": for example, with SHA1+TIGER one would need to
>> generate ~2^((160+192)/2) = 2^176 documents to have a ~0.5
>> probability to find a collision.
>
> These are iterative hash functions e.g. A != B but hash(A) == hash(B)
> then hash(A|C) == hash(B|C)
>
> So all I have todo is find a message for which the hash collides [for
> one] then I can append anything and they will always collide. Then I
> append random strings until the larger hash collides (or vice versa).
> The work factor is
>
> 2^n/2 + 2^m/2 for a n+m bit contruction. e.g. it's 2^80 + 2^96 ==
> 2^96 work to break SHA1+TIGER.
>
> Tom

Thank you Tom.

Is my other proposal stronger:
<quote>
- "Square" any hash function:
* take hash of file
* use hash as a key for RC4 cipher and cipher file
* take hash of cipher file
* concatenate hash of clearfile + hash of cipherfile.
</quote>

I think it seems to resist to the "iterative hash function" attack as you
describe it.

-- 
Michel Nallino aka WinTerMiNator
http://www.winterminator.fr.st (Internet et sécurité)
http://www.gnupgwin.fr.st (GnuPG pour Windows)
Adresse e-mail invalide; pour me contacter:
http://www.cerbermail.com/?vdU5HHs5WG

Next message: Brian Inglis: "Re: Thou shalt have no other gods before the ANSI C standard"
Previous message: Nora Baron: "Re: SF: Doesn't work?"
In reply to: tomstdenis_at_gmail.com: "Re: $10,000 CertainKey Challange Awarded"
Next in thread: Jean-Luc Cooke: "Re: $10,000 CertainKey Challange Awarded"
Reply: Jean-Luc Cooke: "Re: $10,000 CertainKey Challange Awarded"
Reply: tomstdenis_at_gmail.com: "Re: $10,000 CertainKey Challange Awarded"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: $10,000 CertainKey Challange Awarded
... >> Bank of America, Citibank, Fleet Bank, eTrade.com USA, and eBay.com. ... take hash of file ... use hash as a key for RC4 cipher and cipher file ... http://www.winterminator.fr.st http://www.gnupgwin.fr.st (GnuPG pour Windows) Adresse e-mail invalide; ...
(sci.crypt)
Re: $10,000 CertainKey Challange Awarded
... > Thank you Tom. ... > * take hash of cipher file ... padding " and then claim FIPS compliance. ...
(sci.crypt)
Re: ECC2 pay be over
... just like a hash algorithm. ... > hashes and compare them one to one! ... > Michel Nallino aka WinTerMiNator ...
(sci.crypt)