lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 23 Apr 2014 10:41:22 -0400
From: Bill Cox <>
Subject: Re: [PHC] Dumb fast file digest idea...

On Wed, Apr 23, 2014 at 10:29 AM, Dmitry Khovratovich <> wrote:

> I think that collisions for this hash function can be found by
> differential cryptanalysis, where differences are injected in block[0],
> block[1], and block[128*128-1]. The first two compensate each other in the
> state, and the third one cancels the difference in buffer[0].

Wow!  That was fast!  I figured this would have people stumped at least
until after lunch :-)

That's a brilliant attack on the idea.  My guess is that there will be
similar attacks on modified versions, or else most likely we'd already be
using this technique.  It's not complex enough for me to be the first guy
to think of it.

I'll keep thinking about it for a bit...


Content of type "text/html" skipped

Powered by blists - more mailing lists