Re: Hash function
- From: Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx>
- Date: Tue, 28 Feb 2006 08:37:16 +0100
bobic <fbloveu@xxxxxxxxxxx> wrote:
Hi, everyone. Here, I have a problem about hash function. That is, can
we construct a hash function, such that, H(x)=y, where x is a random
string, and y=p_1*...*p_k mod p, p_1,...,p_k are small primes, p is a
large prime.
Yep! Let p_1, ..., p_k be the 256 first primes, let p be a prime that is
larger than p_1*...*p_k (that is about 2100 bits). Let y_1,...,y_k be the
bits output by SHA-256 on input of x, and define
H(x) = p_1^y_1 * ... * p_k^y_k .
Voila!
It seems to me that this hash function should inherit all of SHA-256's
collision properties, yet it is a brilliantly bad hash to use in
combination with RSA-FDH signatures. It may be good for an example
of why you really need a random oracle, and not just a collision
resistant hash function.
But perhaps you had something more sensible in mind?
--
Kristian Gjøsteen
.
- Follow-Ups:
- Re: Hash function
- From: Mike Amling
- Re: Hash function
- References:
- Hash function
- From: bobic
- Hash function
- Prev by Date: Re: coded/encrypted sms
- Next by Date: Overwritten posts
- Previous by thread: Hash function
- Next by thread: Re: Hash function
- Index(es):
Relevant Pages
|
|
