Re: SHA-1 broken
In-Reply-To: <011401c51541$fdafedb0$0400a8c0@p14n>
I think Thomas has a good point here. We must separate the academic
mathematical arguement about collisions from it's application in the real
world. It may be that there are collisions in both MD5 and SHA-1 but have they
any actual bearing on the use and application of these hashes in the real world?
In human fingerprint forensics it is possible for 2 finger prints to be
'apparently' identical. However if we are looking for a 'cat burgular' in Los
Angeles and the 'identical' match is from a 6 year old boy in Cape Town the
collision in this case is academic.
In much the same way if the original text was 'I owe you 1 million dollars' and
the collision text was 'sdf86*&6989h,mni lkj99j' its not significant.
Both MD5 and SHA-1 are still useful in the real world.
Nick Pringle
>Hey all,
>
>> We abandon the requirement of collision resistance. This is a strange
>> requirement, and is not supported by experience. Collision resistance
>
>we might think of changing the requirement of collision resistance
>to "collision resistance in input data that is valid ASCII text". The
>attacks on MD5 used the weak avalanche of the highest-order bit
>in 32-bit words for producing the collision, basically precluding the
>possibility of generating colliding ASCII text.
>
>Cheers,
>Thomas Dullien
>
>