| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Jun 2007 13:17:24 -0700 From: Brian Dessent <brian@...sent.net> To: full-disclosure@...ts.grok.org.uk Subject: Re: Month of Random Hashes: DAY THREE "M.B.Jr." wrote: > but only one string can produce that md5 hash signature, > that sha1 hash signature, fucking that sha256 hash signature, fucking > that <any_other> hash signature, etc... False. If you specify multiple hash algorithms for a string it's conceptually equivalent to making up a new hash function that is defined as having the output that is the concatenated outputs of md5, sha1, sha256, and whatever else our crapflooder is posting. But this new composite-hash function still has an infinite number of inputs and a finite number of outputs, just like any other hash function. And thus for any one particular output value there are still an infinite number of corresponding inputs. They may be harder to find and they may be orders of magnitude larger, but they still exist at the mathematical level. Brian _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists