[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SHA-1 broken

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: SHA-1 broken
From: <securityfocus@xxxxxxxxxxxxxxxxxxxx>
Date: 19 Feb 2005 09:53:33 -0000

In-Reply-To: <011401c51541$fdafedb0$0400a8c0@p14n>

I think Thomas has a good point here. We must separate the academic 
mathematical arguement about collisions from it's application in the real 
world. It may be that there are collisions in both MD5 and SHA-1 but have they 
any actual bearing on the use and application of these hashes in the real world?

In human fingerprint forensics it is possible for 2 finger prints to be 
'apparently' identical. However if we are looking for a 'cat burgular' in Los 
Angeles and the 'identical' match is from a 6 year old boy in Cape Town the 
collision in this case is academic. 

In much the same way if the original text was 'I owe you 1 million dollars' and 
the collision text was 'sdf86*&6989h,mni lkj99j' its not significant.

Both MD5 and SHA-1 are still useful in the real world.

Nick Pringle


>Hey all,
>
>> We abandon the requirement of collision resistance. This is a strange 
>> requirement, and is not supported by experience. Collision resistance 
>
>we might think of changing the requirement of collision resistance
>to "collision resistance in input data that is valid ASCII text". The
>attacks on MD5 used the weak avalanche of the highest-order bit
>in 32-bit words for producing the collision, basically precluding the
>possibility of generating colliding ASCII text.
>
>Cheers,
>Thomas Dullien
>
>

Follow-Ups:
- Re: SHA-1 broken
  - From: Paul Johnston
- Re: SHA-1 broken
  - From: Damian Menscher

Prev by Date: Re: SHA-1 broken
Next by Date: Re: Dangers of discarding duplicated messages
Previous by thread: Re: SHA-1 broken
Next by thread: Re: SHA-1 broken
Index(es):
- Date
- Thread