Re: MD5 collisions found - alternative?

To: Almut Behrens <almut-behrens@gmx.net>
Cc: debian-security@lists.debian.org
Subject: Re: MD5 collisions found - alternative?
From: Danny De Cock <godot@ace.ulyssis.org>
Date: Thu, 26 Aug 2004 01:56:29 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.60.0408260148050.32088@ace.ulyssis.org>
In-reply-to: <[🔎] 20040825231952.GK22410@citadelle.homelinux.net>
References: <[🔎] 412B14D7.2080300@deepblue.sk> <[🔎] Pine.LNX.4.60.0408241234570.32088@ace.ulyssis.org> <[🔎] 20040824182254.GD22410@citadelle.homelinux.net> <[🔎] Pine.LNX.4.60.0408242038590.32088@ace.ulyssis.org> <[🔎] 20040824204045.GE22410@citadelle.homelinux.net> <[🔎] Pine.LNX.4.60.0408242248120.32088@ace.ulyssis.org> <[🔎] 20040825034207.GF22410@citadelle.homelinux.net> <[🔎] 87pt5f94ta.fsf@uhoreg.ca> <[🔎] 20040825231952.GK22410@citadelle.homelinux.net>

On Thu, 26 Aug 2004, Almut Behrens wrote:

On Wed, Aug 25, 2004 at 01:15:13AM -0400, Hubert Chan wrote:
... So the only useful notion of oneway is that the hash is not easilyinvertible (i.e. you can't easily find some string that produces agiven hash value).
So, if you can somehow come up with an input string (except by bruteforce search), which computes to some given hash, that means youinverted the function, and it's thus not oneway -- nothing more andnothing less. It has nothing to do with whether there exists sometheoretic backward mapping from output to input that would uniquelyretrieve the string originally used to compute the hash.


confirmed.

for those who are interested in this topic, I can recommend the handbookof applied cryptography. the book's chapters are available for freedownload at http://www.cacr.math.uwaterloo.ca/hac/ chapter 9 focuses oncryptographic hash functions. the first chapter gives an excellentgeneral overview of cryptographic aspects in human readable form.

Thanks again everyone for taking the time.


you are welcome,

g.

-----------------------------------------------------------------------------
expert in just too late deliveries and applied cryptography
-----------------------------------------------------------------------------
mail: decockd:at:esat:dot:kuleuven:dot:ac:dot:be              http://godot.be
      godot:at:advalvas:dot:be                  http://godot.studentenweb.org
      godot:at:godot:dot:be      web: http://www.esat.kuleuven.ac.be/~decockd

Reply to:

References:
- MD5 collisions found - alternative?
  - From: Robert Trebula <r0b0@deepblue.sk>
- Re: MD5 collisions found - alternative?
  - From: Danny De Cock <godot@ace.ulyssis.org>
- Re: MD5 collisions found - alternative?
  - From: Almut Behrens <almut-behrens@gmx.net>
- Re: MD5 collisions found - alternative?
  - From: Danny De Cock <godot@ace.ulyssis.org>
- Re: MD5 collisions found - alternative?
  - From: Almut Behrens <almut-behrens@gmx.net>
- Re: MD5 collisions found - alternative?
  - From: Danny De Cock <godot@ace.ulyssis.org>
- Re: MD5 collisions found - alternative?
  - From: Almut Behrens <almut-behrens@gmx.net>
- Re: MD5 collisions found - alternative?
  - From: Hubert Chan <hubert@uhoreg.ca>
- Re: MD5 collisions found - alternative?
  - From: Almut Behrens <almut-behrens@gmx.net>

Prev by Date: Re: MD5 collisions found - alternative?
Next by Date: Re: init scripts and su
Previous by thread: Re: MD5 collisions found - alternative?
Next by thread: Re: MD5 collisions found - alternative?
Index(es):
- Date
- Thread