[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dpkg-sig support wanted?

[George Danchev]
> Even using weak hash sum algorythms you can easily make the hash
> collider life tremendously difficult by simply having more than one
> (ok two should be enough) hash sums generated with _different_
> (weak?) algorythms on the same entity.

What you have just defined is a new hash algorithm of M+N bits.  Why
not instead use an existing hash algorithm with M+N bits?  If nothing
else, the attack is likely to be less parallelizable.

Attachment: signature.asc
Description: Digital signature

Reply to: