[Dshield] Crypto Question

John Hardin jhardin at impsec.org
Wed Mar 4 22:12:06 GMT 2009

On Wed, 4 Mar 2009, Frank Knobbe wrote:

> The bigger risk with MD5 is to covertly sneak in changes in plaintext 
> and have them still be valid with the same signature. That's the real 
> problem with MD5, not how much faster you can find a password in an 
> offline attack against a password database.

What I'm wondering is why the file formats and protocols that incorporate 
such signing don't provide for multiple signatures using different crypto 
hash algorithms. Isn't it a good idea to assume that _all_ crypto hash 
algorithms _will_ have collisions (regardless of how expensive those might 
be to find), and your goal is to make that inherent flaw not a problem in 

What's the likelihood that the same collision plaintext would generate the 
same crypto hash using several different algorithms?

While this is interesting, it's rather OT...

  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  jhardin at impsec.org    FALaholic #11174     pgpk -a jhardin at impsec.org
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
   Failure to plan ahead on someone else's part does not constitute
   an emergency on my part.                 -- David W. Barts in a.s.r
  4 days until Daylight Saving Time begins in U.S. - Spring Forward
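The verifier John is describing, as an added illustration that is not part of the original thread: a manifest carries one digest per algorithm and the file is accepted only when every digest matches, so an attacker who can forge one algorithm's output still has to forge the rest. The line format and the `release.tar` filename are constructed for the example; MD5 and SHA-1 appear only to mirror the thread, and the practical strength of such a combination is, per Joux's 2004 multicollision result, roughly that of its strongest member rather than the sum of them.

```python
"""Multi-algorithm digest manifest: build it, parse it, verify all-or-nothing.

Added example (not from the Dshield thread). Manifest line format is assumed:
    <algorithm>  <hex digest>  <filename>
"""
import hashlib
import hmac

# Assumed default set; any name hashlib accepts works. MD5/SHA-1 are here only
# to mirror the thread; SHA-256 is the one carrying the real guarantee.
ALGORITHMS = ("md5", "sha1", "sha256")


def multi_digest(data: bytes, algorithms=ALGORITHMS) -> dict:
    """Return {algorithm: hex digest} for every requested algorithm."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def format_manifest(filename: str, digests: dict) -> str:
    """Serialize one file's digests, one line per algorithm (constructed format)."""
    return "".join(f"{alg}  {hexd}  {filename}\n"
                   for alg, hexd in sorted(digests.items()))


def parse_manifest(text: str) -> dict:
    """Parse the constructed format into {filename: {algorithm: hex digest}}.

    Rejects malformed lines and algorithms this Python build cannot compute,
    so a manifest cannot silently degrade to 'nothing to check'.
    """
    manifest: dict = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 3:
            raise ValueError(f"line {lineno}: expected '<alg> <hex> <file>'")
        alg, hexd, filename = parts
        if alg not in hashlib.algorithms_available:
            raise ValueError(f"line {lineno}: unknown algorithm {alg!r}")
        manifest.setdefault(filename, {})[alg] = hexd.lower()
    return manifest


def verify_all(data: bytes, expected: dict) -> tuple:
    """Accept only if every listed digest matches.

    Returns (ok, mismatching_algorithms). Comparison is constant-time per
    digest so the check leaks nothing about how far a forgery got.
    """
    if not expected:
        return (False, [])          # an empty manifest proves nothing
    actual = multi_digest(data, expected.keys())
    bad = sorted(alg for alg, want in expected.items()
                 if not hmac.compare_digest(actual[alg], want))
    return (not bad, bad)


if __name__ == "__main__":
    original = b"constructed release payload\n"      # constructed sample data
    tampered = b"constructed release payload!\n"     # one byte appended
    text = format_manifest("release.tar", multi_digest(original))
    print(text, end="")
    expected = parse_manifest(text)["release.tar"]
    print("original:", verify_all(original, expected))   # (True, [])
    print("tampered:", verify_all(tampered, expected))   # (False, [all three])
```

Because `verify_all` reports which algorithms disagreed, a verifier that sees MD5 agree while SHA-256 does not has direct evidence of an MD5 collision attempt rather than a simple transfer error, which is the signal a defender would want to log.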
