lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 16 Jun 2007 16:37:17 -0300
From: M.B.Jr. <marcio.barbado@...il.com>
To: "William Lefkovics" <william@...kovics.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Month of Random Hashes: DAY THREE

On 6/16/07, William Lefkovics <william@...kovics.net> wrote:
>
> I wish I knew more about it when I was younger living in
> Vancouver.  Walking
> downtown, shady looking characters would walk past and whisper under their
> breath... "hash?"


well,
guess that sort of hash also produces confusing outputs aint that...?
=P

Now I understand...
>
> Seriously, thanks for the FAQ'n explanation.
>
>
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of
> Valdis.Kletnieks@...edu
> Sent: Friday, June 15, 2007 1:57 PM
> To: M.B.Jr.
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Month of Random Hashes: DAY THREE
>
> On Fri, 15 Jun 2007 16:59:01 -0300, "M.B.Jr." said:
> > but only one string can produce that md5 hash signature, that sha1
> > hash signature, fucking that sha256 hash signature, fucking that
> > <any_other> hash signature, etc...
>
> Nope.  There's an infinite number of strings that would produce the same
> MD5/sha1/sha256/whatever hash.  The interesting point about such hashes is
> that although given a particular string A, we can *easily* compute the
> hash
> H.
> However, knowing H, we don't have a good way to recover A, nor do we have
> any easy way to compute a *second* string B that hashes to H.
>
> So, given a hash H, we know one of 3 things is true:
>
> 1) The person we got H from has A, and easily computed H.
> 2) The person doesn't have A, but does have either a way to use several
> million CPU-years or a crypto breakthrough to compute some string B that
> also hashes to H
> 3) The person just pulled a pseudo-random string of bits out of their ass,
> called it H, and has as little clue about A and B as we do.
>
> At the current time, (2) is believed to be impractical, and (3) fails the
> instant the person actually has to produce A itself.  As a result, we can
> usually presume that if they have a hash H, they've got the A it hashed
> from.
>
> This becomes interesting if you want to prove that you have a prior claim
> on
> something, without revealing the something (for instance, an advisory or
> PoC
> for something while you're still working with a vendor about fixing it) -
> you can (for instance) post the hash of it on May 1, release the
> announcement on July 1, and when others dispute your claim you knew about
> it
> on May 1, you can point to the hash from May 1, and show it's the same as
> the hash of your July 1 announcement, and thus prove you knew about it
> back
> on that date.
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
Marcio Barbado, Jr.
==============
==============

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ