What puzzles me in all this long and rather arcane discussion is
why isn't the solution of using a double hash - MD5 *and* SHA
whatever. The odds of finding a double collision go way up.

Some open source software people are already doing this. I've
played around with the sample files that are out there and find
an easy way to do this but I don't have either the horsepower or
skill to be at all definitive.

My gut tells me that using two processes that use different
algorithms, even though compromised, will raise the bar so high
that it would be secure for a long time.

At my skill level and horsepower I can't find even a single way
to do this with CRC32 and MD5. Granted, that certainly doesn't
mean a whole lot.

But to take a real world example, a safety deposit box, the two
keys have to work together to open the box. It really does not
matter if one is a Yale and the other a combination, either one
of which are easily compromised by themselves, but together you
would have to find both at the same time to open the box, a lot
tougher problem.

Best,
Allen

Francois Grieu wrote:
> william.allen.simpson gmail.com wrote:
>
>> Dp := any electronic document submitted by some person, converted to its
>> canonical form
>> Cp := an electronic certificate irrefutably identifying the other person
>> submitting the document
>> Cn := certificate of the notary
>> Tn := timestamp of the notary
>> S() := signature of the notary
>>
>> S( MD5(Tn || Dp || Cp || Cn) ).
>
> In this context, the only thing that guards against an attack by
> "some person" is the faint hope that she can't predict the Tn
> that the notary will use for a Dp that she submits.
>
> That's because if Tn is known (including chosen) to "some person",
> then (due to the weakness in MD5 we are talking about), she can
> generate Dp and Dp' such that
> S( MD5(Tn || Dp || Cp || Cn) ) = S( MD5(Tn || Dp' || Cp || Cn) )
> whatever Cp, Cn and S() are.
>
> If Tn was hashed after Dp rather than before, poof goes security.
>
>
> Francois Grieu
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo metzdowd.com
> ---------------------------------------------------------------------
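
The argument in the quoted reply, as an added example that is not part of the original thread: a toy Merkle-Damgard hash (truncated MD5 as compression function, 32-bit state, 8-byte blocks, all assumptions chosen so a collision can be brute-forced) stands in for the MD5 weakness under discussion. It shows that a collision computed for a known Tn survives any Cp and Cn, fails for a Tn the submitter did not predict, and needs no Tn at all once Dp is hashed first. All names and sample values are constructed.

```python
import hashlib
from itertools import count

BLOCK = 8   # toy block size in bytes (MD5 uses 64)
STATE = 4   # toy 32-bit chaining value (MD5 uses 128) so brute force is feasible
IV = b"\x00" * STATE

def compress(state: bytes, block: bytes) -> bytes:
    """Toy compression function: truncated MD5 of state || block."""
    return hashlib.md5(state + block).digest()[:STATE]

def absorb(state: bytes, data: bytes) -> bytes:
    """Iterate the compression function over block-aligned data."""
    assert len(data) % BLOCK == 0
    for i in range(0, len(data), BLOCK):
        state = compress(state, data[i:i + BLOCK])
    return state

def toy_hash(msg: bytes) -> bytes:
    """Merkle-Damgard hash with length padding, the same structure as MD5."""
    pad = b"\x80" + b"\x00" * (-(len(msg) + 1) % BLOCK) + len(msg).to_bytes(8, "big")
    return absorb(IV, msg + pad)

def find_collision(known_prefix: bytes):
    """Birthday search: two distinct blocks that collide after a known prefix."""
    start, seen = absorb(IV, known_prefix), {}
    for n in count():
        block = n.to_bytes(BLOCK, "big")
        out = compress(start, block)
        if out in seen:
            return seen[out], block
        seen[out] = block

def tn_first(tn, dp, cp, cn):   # order from the thread: H(Tn || Dp || Cp || Cn)
    return toy_hash(tn + dp + cp + cn)

def dp_first(tn, dp, cp, cn):   # Tn hashed after Dp
    return toy_hash(dp + tn + cp + cn)

# Constructed sample values (one block each for the timestamps).
TN, OTHER_TN = b"20050301", b"20050302"
CP, CN = b"cert-of-submitter", b"cert-of-notary"

def demo():
    a, b = find_collision(TN)    # submitter knew or chose Tn in advance
    c, d = find_collision(b"")   # Dp hashed first: no knowledge of Tn needed
    return {
        "known_tn": tn_first(TN, a, CP, CN) == tn_first(TN, b, CP, CN),
        "unpredicted_tn": tn_first(OTHER_TN, a, CP, CN) == tn_first(OTHER_TN, b, CP, CN),
        "dp_first_any_tn": dp_first(OTHER_TN, c, CP, CN) == dp_first(OTHER_TN, d, CP, CN),
    }

if __name__ == "__main__":
    print(demo())
```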