
Thread: Re: Re: Fwd: Potential SHA 1 Hack Using Distributed Computing - Near Miss(es) May be Good Enough




Re: Re: Fwd: Potential SHA 1 Hack Using Distributed Computing - Near Miss(es) May be Good Enough
Austria
2007-08-14 16:31:33
Quoting Paul Hoffman <paul.hoffmanvpnc.org>:

> At 11:00 PM -0700 8/13/07, Aram Perez wrote:
>> Anyone know more about this?
>
> I have the same question. I could not find any description of *why*
> they think that finding near-misses is going to help the research.
> It's not clear if they are taking their own path, or trying to
> improve Wang's path, or what.

The mentioned article is indeed confusing, the information in there
took apparently several hops.

To address your questions: Indeed, we have our own "path", but more
importantly we developed a new method to speed-up generation and
testing of candidate message pairs and apply it to SHA-1. The
resulting work factor is still quite high, hence we ask for
contributions via the BOINC framework.

More information on cryptanalytic details, type of collision, and
resulting work factor will appear later this year.

-Christian


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomometzdowd.com

Re: Re: Fwd: Potential SHA 1 Hack Using Distributed Computing - Near Miss(es) May be Good Enough
United States
2007-08-14 17:47:06
At 11:31 PM +0200 8/14/07, Christian Rechberger wrote:
>The mentioned article is indeed confusing, the information in there
>took apparently several hops.

Welcome to the world of public cryptography! At least I haven't
seen anyone so far suggest that you will find pre-images.

>To address your questions: Indeed, we have our own "path", but more
>importantly we developed a new method to speed-up generation and
>testing of candidate message pairs and apply it to SHA-1. The
>resulting work factor is still quite high, hence we ask for
>contributions via the BOINC framework.

Is there any estimation of how high? Specifically, do you believe
there is a good chance of having less work effort than the current
Wang strategy? For example, if you are sure that your result will be
around 2^70, well that is interesting in theory but probably not
worth any publicity you have gotten so far. If you are sure it will
be around 2^55, I'll certainly give you some of my spare CPU cycles.

>More information on cryptanalytic details, type of collision, and
>resulting work factor will appear later this year.

That's good to hear. It would also be interesting if you could keep a
running meter of approximately how much work you are getting from the
participants. This isn't nearly as "sexy" as finding ETs or even
protein folding...

--Paul Hoffman, Director
--VPN Consortium
