compare-by-hash (was Re: sharing /etc/passwd)
Jacques A. Vidrine
nectar at FreeBSD.org
Tue Sep 28 08:16:06 PDT 2004
On Tue, Sep 28, 2004 at 12:14:05PM +0300, Giorgos Keramidas wrote:
> There is one difference between ``looking for collisions'' and being
> bitten by undetected collisions though.
>
> If the probability of a collision just happening with random user data
> is 1/(2^128) we can't be sure that it will necessarily take the
> transfer of an average number of 2^127 blocks before a collision
> happens. You might get one at the very first pair of blocks and then
> no collisions ever after until the Sun burns out.
>
> Using two different hashes for the same set of input data, which David
> G. Andersen proposed, seems like a nice idea though.
If you buy the "logic" of the paper, this would not make much
difference. After all, composing two hashes just gives you another
hash with a longer bit length.
This paper needs a lot more peer review, although I'm not sure that
many take it seriously enough to bother.
Cheers,
--
Jacques A Vidrine / NTT/Verio
nectar at celabo.org / jvidrine at verio.net / nectar at FreeBSD.org
More information about the freebsd-security
mailing list