Re: Secure key exchange with hashing and the birthday paradox

---

• From: "Joseph Ashwood" <ashwood@xxxxxxx>
• Date: Sat, 18 Mar 2006 07:39:20 GMT

---

"Luc The Perverse" <sll_noSpamlicious_z_XXX_m@xxxxxxxxxx> wrote in message
news:4dkse3xtrg.ln2@xxxxxxxxxxxxxxxxxxxx

What is your take on this? This seems crazy to me.

http://burtleburtle.net/bob/crypto/exchange.html

I can tell you it is completely infeasible, and the feasible versions are
considered weak. Take for example the 64-bt example given, I'll even assume
the hash is 64-bits (we also have to assume it is actually onto in this case
as well). The 2^32 64-bit values will take 32GB, so each person I
communicate with has taken 32GB of download space, over an OC144 this isn't
that much, but over a 16Mbps line that's almost a full hour, and 16Mbps is
considered a really fast connection. What's worse is that a 64-bit secret is
considered insecure. If we move up to an 80-bit secret you're now looking as
a 10TB download to establish a connection, not to mention that fact that
someone has to actually store this, and you have to store your own. So for
borderline security you need 10TB of storage space, for 128-bit ciphers
you've got 256PB of data coming your way. I don't want to generate, store,
download, manipulate, or in any way deal with an unordered dataset of that
size (the related key is unordered).

This is all assuming a hash that is onto but not reversible, once we add the
overhead necessary to avoid collisions without having a computable onto
function we're looking at doubling all those numbers.

Basically, I don't see the usefulness of such a protocol, even though it
will in theory work.
Joe


.

---

• Follow-Ups:
  • Re: Secure key exchange with hashing and the birthday paradox
    • From: Luc The Perverse
  • Re: Secure key exchange with hashing and the birthday paradox
    • From: Luc The Perverse
  • Re: Secure key exchange with hashing and the birthday paradox
    • From: Luc The Perverse

• References:
  • Secure key exchange with hashing and the birthday paradox
    • From: Luc The Perverse

• Prev by Date: SF: A hyperbolic solution
• Next by Date: Re: incremental MD5 ?
• Previous by thread: Re: Secure key exchange with hashing and the birthday paradox
• Next by thread: Re: Secure key exchange with hashing and the birthday paradox
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Secure key exchange with hashing and the birthday paradox ... I communicate with has taken 32GB of download space, ... store your own. ... unordered dataset of that size. ... the overhead necessary to avoid collisions without having a computable ... (sci.crypt) Re: Choosing the right embedded database. ... > Most users would download the application and data from a website via DIAL ... > internet access is the only real method of distribution, ... > local data store via an internet link. ... > dance information to their local store, it maybe nice if this was a two ... (borland.public.delphi.thirdpartytools.general) Re: Choosing the right embedded database. ... We want a simple database ... > Most users would download the application and data from a website via DIAL ... > access is the only real method of distribution, ... > local data store via an internet link. ... (borland.public.delphi.thirdpartytools.general) Choosing the right embedded database. ... I am looking for the right tool for the job and came across you database ... Most users would download the application and data from a website via DIAL ... access is the only real method of distribution, ... local data store via an internet link. ... (borland.public.delphi.thirdpartytools.general) RE: sharing info between Access and a website ... The website is mostly updated by end users with a store ... server via FTP, replacing the existing file. ... before the upload process. ... I'd like to download those changes into Access, ... (microsoft.public.access.modulesdaovba)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)