confusion about 256 bits vs. 256 processors

From: Simson L. Garfinkel (simsongat_private)
Date: Wed Feb 05 2003 - 05:23:48 PST


    The listbot rejected this, so I am resending it...
    > From: "Simson L. Garfinkel" <simsongat_private>
    > Date: Thu Jan 30, 2003  7:28:06 PM US/Eastern
    > To: "Holt, Albert" <Albert.Holtat_private>
    > Cc: "Simson L. Garfinkel" <slgat_private>, Matt Scarborough 
    > <vexversaat_private>, Chris Reining <creiningat_private>, "Mark 
    > G. Spencer" <mspencerat_private>, forensicsat_private
    > Subject: RE: MD5 Exploit Database?
    >
    >
    > I understand the argument, but I do not agree with it.
    >
    > 1. I do not think that SHA-1 can be used to validate the results of 
    > MD5. What do you do if they disagree? What does it mean if they agree?
    >
    > 2. I do not think that we are likely to find a fatal flaw in MD5 that 
    > allows people to craft arbitrary MD5 results in text files or 
    > executables. Perhaps in random binary data, but probably not. But even 
    > if we did, more than 10 years' experience with MD5 shows that it is 
    > very useful on its own for real-world applications. Being able to 
    > craft a collision wouldn't change that.
    >
    > 3. The extra CPU time is significant, as is the extra storage time. 
    > Computing the hash codes for all of the files on my computer is a 
    > CPU-bound activity, not a disk-bound activity. It makes a difference 
    > to me if something takes 4 hours vs. 1 hour.  Computers will get 
    > faster, but even 1 hour vs. 15 minutes makes a significant difference.
    >
    > However, I'm willing to be convinced otherwise.
    >
    >
    > On Thursday, January 30, 2003, at 07:43 AM, Holt, Albert wrote:
    >
    >> There are a number of reasons why it is prudent to calculate SHA-1 in
    >> addition to md5. They can be used to some degree to compare and
    >> validate each other's results. And what if some morning it is
    >> discovered that there is a fatal flaw in md5, and that the results
    >> cannot be trusted? You already have Plan B. Commodity compute power
    >> is cheap, as is storage for a bunch of 128/160 bit outputs.
    >>
    >> al holt
    >> NSIRC
    >>
    
    
    -----------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
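
Added example, not part of the original messages: a Python sketch of the practice debated above, computing MD5 and SHA-1 in a single read pass, classifying the result against previously recorded digests (including the "what if they disagree?" case), and measuring the CPU cost of the second hash. The function names, chunk size and sample data are assumptions made for this illustration.

```python
import hashlib
import io
import time

CHUNK = 1 << 20  # read size (assumed for this example)

def hash_stream(stream, algorithms=("md5", "sha1")):
    """Read the stream once and feed every chunk to each digest."""
    digests = [hashlib.new(name) for name in algorithms]
    while True:
        chunk = stream.read(CHUNK)
        if not chunk:
            break
        for d in digests:
            d.update(chunk)
    return {name: d.hexdigest() for name, d in zip(algorithms, digests)}

def compare(recorded, computed):
    """Classify computed digests against recorded ones.

    match    - every algorithm agrees with the record
    mismatch - every algorithm differs: the content changed
    disagree - the algorithms give different verdicts: either the record
               is damaged or one hash has collided, so treat the file as
               unverified and examine it directly
    """
    verdicts = [recorded[name] == computed[name] for name in recorded]
    if all(verdicts):
        return "match"
    if not any(verdicts):
        return "mismatch"
    return "disagree"

def cpu_seconds(data, algorithms):
    """CPU time (not wall-clock time) spent hashing data in memory."""
    start = time.process_time()
    hash_stream(io.BytesIO(data), algorithms)
    return time.process_time() - start

if __name__ == "__main__":
    sample = bytes(64 << 20)  # constructed input: 64 MiB of zero bytes
    md5_only = cpu_seconds(sample, ("md5",))
    both = cpu_seconds(sample, ("md5", "sha1"))
    print(f"md5 only: {md5_only:.3f}s CPU   md5+sha1: {both:.3f}s CPU")
```

Because the data is held in memory, the timing isolates the hashing cost from disk I/O, which is the comparison the CPU-bound argument turns on.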
    


