[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4214B161.6070107@samfundet.no>
From: eian at samfundet.no (Martin Eian)
Subject: In case y'all didn't catch it yet...
> One possibility is brute forcing password hashes. If one has this hash
> '988881adc9fc3655077dc2d4d757d480b5ea0e11', less time is now needed to brute
> force it and gain access to something.
Not really. Here's why:
Bruce Schneier wrote that the research team had found collisions in
SHA-1 in 2**69 operations. A collision won't help you brute force a
password hash. What you just described is a preimage, not a collision.
From "Handbook of Applied Cryptography" [1], chapter 9, subsection
9.2.2, pages 323-324:
1. preimage resistance - for essentially all pre-specified outputs, it
is computationally infeasible to find any input which hashes to that
output, i.e., to find any preimage x' such that h(x') = y when given any
y for which a corresponding input is not known.
2. 2nd-preimage resistance - it is computationally infeasible to find
any second input which has the same output as any specified input, i.e.,
given x, to find a 2nd-preimage x' =/= x such that h(x) = h(x').
3. collision resistance - it is computationally infeasible to find any
two distinct inputs x,x' which hash to the same output, i.e., such that
h(x) = h(x'). (Note that here there is free choice of both inputs.)
[1] http://www.cacr.math.uwaterloo.ca/hac/
--
Martin Eian
Powered by blists - more mailing lists