[Dshield] Crypto Question
John Hardin
jhardin at impsec.org
Wed Mar 4 22:12:06 GMT 2009
On Wed, 4 Mar 2009, Frank Knobbe wrote:
> The bigger risk with MD5 is to covertly sneak in changes in plaintext
> and have them still be valid with the same signature. That's the real
> problem with MD5, not how much faster you can find a password in an
> offline attack against a password database.
What I'm wondering is why the file formats and protocols that incorporate
such signing don't provide for multiple signatures using different crypto
hash algorithms. Isn't it a good idea to assume that _all_ crypto hash
algorithms _will_ have collisions (regardless of how expensive those might
be to find), and your goal is to make that inherent flaw not a problem in
practice?
What's the likelihood that the same collision plaintext would generate the
same crypto hash using several different algorithms?
While this is interesting, it's rather OT...
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin at impsec.org FALaholic #11174 pgpk -a jhardin at impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Failure to plan ahead on someone else's part does not constitute
an emergency on my part. -- David W. Barts in a.s.r
-----------------------------------------------------------------------
4 days until Daylight Saving Time begins in U.S. - Spring Forward
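A toy illustration of the multi-signature idea raised in the message above, added here and not part of the original post or thread. It assumes a constructed "broken" algorithm (`weak16`, the first 16 bits of MD5, chosen so a second message with the same digest is cheap to find) standing in for a hash with practical collisions, and a manifest that records one digest per algorithm so the verifier can require all of them to agree:

```python
import hashlib
from itertools import count

# Constructed stand-in for a broken hash: only the first 16 bits of MD5, so a
# second message with the same digest is trivially cheap to find.
def weak16(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()[:4]

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# The manifest records one digest per algorithm; the verifier decides how many
# of them it demands. Requiring all of them is the multi-hash scheme.
ALGORITHMS = {"weak16": weak16, "sha256": sha256}

def make_manifest(data: bytes) -> dict:
    return {name: fn(data) for name, fn in ALGORITHMS.items()}

def verify(data: bytes, manifest: dict, required=None) -> bool:
    """Accept data only if every required digest in the manifest matches."""
    required = list(manifest) if required is None else required
    return all(ALGORITHMS[name](data) == manifest[name] for name in required)

def find_weak16_match(original: bytes, prefix: bytes) -> bytes:
    """Toy-sized search for a different message with the same weak16 digest."""
    target = weak16(original)
    for i in count():
        candidate = prefix + str(i).encode()
        if candidate != original and weak16(candidate) == target:
            return candidate

ORIGINAL = b"firmware-1.2.3 release build"  # constructed sample content
MANIFEST = make_manifest(ORIGINAL)
ALTERED = find_weak16_match(ORIGINAL, b"firmware-1.2.3 altered build #")

if __name__ == "__main__":
    print("original passes all checks   :", verify(ORIGINAL, MANIFEST))   # True
    print("altered passes weak16 alone  :", verify(ALTERED, MANIFEST, ["weak16"]))  # True
    print("altered passes combined check:", verify(ALTERED, MANIFEST))    # False
```

The altered message slips past a verifier that trusts the weak digest alone, but the combined check rejects it because the second algorithm disagrees; an attacker would need a message that collides under every required algorithm at once.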