Re: Randomness of MD5 vs. SHA1



On Jan 26, 10:58 am, bmearns <mearn...@xxxxxxxxx> wrote:
On Jan 26, 10:55 am, Tom St Denis <t...@xxxxxxx> wrote:



On Jan 26, 10:53 am, bmearns <mearn...@xxxxxxxxx> wrote:

Ideally, the output of a cryptographically secure hash function should
be uniformly distributed, right? With regards to this property only,
is there any known difference between MD5 and SHA1?

Specifically, I'm feeding relatively short strings of 7-bit ASCII text
into the hash, and using the output as a password. Will one of these
produce algorithms a stronger bias in the output than the other?

Note, this isn't an authentication scheme in itself, I'm not concerned
directly about collisions. For instance, I don't care if somebody can
find another plaintext that will produce the same digest: it's the
digest itself that is the secret. So I'm only concerned if one of the
functions will add a significant bias to this secret.

Nobody knows for sure.  They're both believed to be respectable PRFs
in their own rights.

MD5 is computationally cheaper than SHA-1 if that helps.

Tom

Thanks a lot for the prompt response, Tom.

I get the point, but what specifically does PRF means?

Thanks,
-Brian

Sorry, I will google before I ask. PRF is a Pseudorandom function.

-Brian
.



Relevant Pages

  • Re: hash function
    ... Use a PRF. ... I find it is clearer to use names like "k" for secret keys to avoid confusion, ... and use names like "x" or "m" for the non-secret message input.) ... could easily end up re-inventing the wheel (via some funny construction). ...
    (sci.crypt)
  • Re: Opinion on CRC-32
    ... CRC can safely be used for sorting internal data in hash ... able to corrupt the ISO image is also capable of changing the MD5 ... hacker has exchanged both the ISO image and the MD5 digest. ... Proof-of-Possession of secret data, say, if you e.g. make a discovery ...
    (borland.public.delphi.language.objectpascal)
  • Re: from random oracle model to pseudorandom oracle model
    ... You can construct a secure PRF from SHA-1, ... uniformaly at random and keep secret. ... reduction from PRF to PRP security). ...
    (sci.crypt)
  • Re: Conjectured pseudorandom functions
    ... David Wagner wrote: ... >>function on an input x as the key to another pseudorandom function? ... from the range of the PRF as it does in a single iteration. ...
    (sci.crypt)