Re: un-hashing to reveal pass phrase [was: crypto sms]
Crypto_at_S.M.S
Date: 06/23/05
- Next message: tomstdenis_at_gmail.com: "Re: un-hashing to reveal pass phrase [was: crypto sms]"
- Previous message: Crypto_at_S.M.S: "Re: crypto sms"
- In reply to: Joseph Ashwood: "Re: un-hashing to reveal pass phrase [was: crypto sms]"
- Next in thread: \: "Re: CryptoCritic Blowhards Dumber than a Dopey Housewife ? -- un-hashing to reveal pass phrase [was: crypto sms]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 Jun 2005 22:09:49 +1000
Joseph Ashwood wrote:
> <Crypto@S.M.S> wrote in message news:11bkrbplrl0bp89@news.supernews.com...
>
>>Thanks to all in Sci.Crypt for pointing fingers at
>>this relatively new work (to me at least) on attacking
>>hash functions:
>>
>>http://cryptography.hyperlink.cz/md5/Vlastimil_Klima_MD5_collisions.pdf
>>http://www.infosec.sdu.edu.cn/paper/md5-attack.pdf
>>http://www.infosec.sdu.edu.cn/paper/md4-ripemd-attck.pdf
>>
>>These papers bring up more questions than they answer,
>>with regard to breaking hashes to reveal pass phrases.
>>
>>In all of these papers, the "attack" is to compute a
>>colliding hash value. That is all well and good, but
>>how does being able to compute two collisions allow
>>you to "back-compute" from an hash value to the
>>text that produced it?
>
>
> That is fairly straightforward, because the approximate length is known and
> the entropic quantity is known this limits the number of possible passphrase
> to just 1 in this case (unless the passphrase has > 1000-whatever it was
> bits). By focusing only on the extremely limited MD5 which can hold more
> entropy than is in the passphrase the entire list can be narrowed to
> generally 1. This 1 collision is then the correct passphrase.
>
> The times given in those are old, in fact I don't think the latest papers
> have been officially published, but the show collisions in MD5 in 15
> minutes. Because there is only one colliding value, the result is the
> original passphrase.
>
Once again you have not got your facts straight:
Vlastimil Klima1, 2
v.klima@volny.cz
http://cryptography.hyperlink.cz/
Prague, Czech Republic
March 31, 2005
Less than 3 months old, wherein it states,
(and I repeat my original quotation):
In the last experiment, provided by Ondřej Pokorný
on his home PC (Intel Pentium, 1GHz), he obtained 14
collisions in 58 hours and 32 minutes. It gives even
more optimistic time for finding a collision (1 collision
per 4 hours 11 minutes) than on the author's notebook.
Throughout this entire exchange you have continually
exaggerated numbers to fit your statements.
- Next message: tomstdenis_at_gmail.com: "Re: un-hashing to reveal pass phrase [was: crypto sms]"
- Previous message: Crypto_at_S.M.S: "Re: crypto sms"
- In reply to: Joseph Ashwood: "Re: un-hashing to reveal pass phrase [was: crypto sms]"
- Next in thread: \: "Re: CryptoCritic Blowhards Dumber than a Dopey Housewife ? -- un-hashing to reveal pass phrase [was: crypto sms]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
