Re: Comaprison between MD5 and SHA

Tom St Denis <tomstdenis@xxxxxxxxx> wrote:

Kristian Gjøsteen wrote:
gen_vlsi <jesuraj.vinoth@xxxxxxxxx> wrote:
What if the message is more
than 2^64? What do we do in that case?

Break out the champagne, congratulate yourself on having huge computing
resources, then switch to SHA-512.

Let's see... my box (Intel Core 2 Duo) can hash MD5 at roughly 8 cycles
per byte (or so). At the current clock rate of 3.46GHz (yeah ...
overclocked) that's 412.4 MiB/sec. At that rate it would take my one
box 1352 years to complete.

That calculation is obviously irrelevant, since MD5 doesn't have an
upper limit to its input length.

This is also why we should all prefer MD5 over SHA-1. Faster, no input
length restrictions, designed by Rivest(?): What's not to like?

Now what you do instead is hash fixed blocks, with random IVs on
thousands of boxes. Store all the IVs and results in a DB and then
once you can chain 2^53 of them together you're done :-)

What we need is a hash function that can be computed in parallel.
Something like a tree hash function. Or perhaps we can do better,
we split the message into 160 parts, and compute the first bit based
on the first part, the second bit on the second part, etc. It will be
a Speedy hash and it will have Increased input Length. Deriving round
constants from mathematical constants is obviously old hat, so I was
thinking Shakespeare's sonnets, but then I thought, why not be radical?
The round constants will be derived from Bob Dylan song LYrics.

The name's taken care of: I'll write the paper, you do the implementation.

--
Kristian Gjøsteen
.