Re: Added hashes.

sci.crypt archive

From: Juuso Hukkanen <juuso_12_2003@tele3d.net>
Date: Mon Dec 12 2005 - 23:38:07 CET

On Sat, 10 Dec 2005 19:55:22 -0500, "John E. Hadstate"
<jh113355@hotmail.com> wrote:

>No. By hashing the file twice with two independent hashes
>and then XORing the two results, you have created a third
>hash for which the probability of collisions is just as
>computable as it is for either hash alone. It is the nature
>of a hash to have collisions.

No, that can't be true.

Think, if you have one Good-hash algorithm producing perfectly
distributed random numbers - each byte randomly between 0-255. You
also have a Bad-hash algorithm which only produces byte values between
0 and 3.

If you combine a million byte values from digests (Good-hash + Bad-hash,
byte by byte) using a modulus addition you will end up having a
perfectly distributed series of a million (pseudo)random numbers
between 0-255.

Also you couldn't possibly show any statistical bias in that million
byte string. In fact even if you would be the only person in the world
who would know how terribly bad the Bad-hash is, you could take
any advantage of it in producing pre-image collisions.

Want a proof of that? Consider the string produced by Good-hash to be
an OTP - random string derived from cosmic radiation. Also consider
Bad-Hash to be a partially predictable English phrase.
"The quick brown fox jumped over the lazy brown dog".

If you combine the English phrase with a cosmos-derived random string,
using XORing or modulus addition, you will end up having a random
string which hides all the traces of the predictable string.
"The quick brown fox jumped over the lazy brown dog".

or even if the predictable string (Bad-hash) would have been:
"012301230123012301230123012301230123012301"

Therefore it should be fair to say that Good-hash eliminates ALL the
flaws available in an equally long Bad-hash if the hashes are combined
by modulus addition or XORing.

A week ago I (again) suggested a QC resistant cipher, in which the key
would be converted into an X-gigabytes long random string by
CS-hashes. I assumed that somebody would point out the flaws with
individual CD-hashes, and therefore defined a new CS-hash algorithm
't3d-hash' which is a 512-bit long hash made by modulus addition
of Whirlpool and SHA-512.

Regards
Juuso Hukkanen
(to reply by e-mail set addresses month and year to correct)

ps.
No one has yet commented on the design. (Somebody should say: "hey the
attacker doesn't necessarily need to have made and held the whole
X-gigabyte array in the memory". To which I could then answer that
that is true, but if the length of the X-gigabyte array is doubled
(2 x X-Gigabyte) and then required to be folded up half length (1 x
X-gigabyte) --> then the whole gigabyte is needed to be in the memory,
and there would not be a problem :)
Received on Fri Dec 23 20:09:49 2005
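
The byte-distribution experiment described in the post, as an added example that is not part of the original message: SHA-512 in counter mode stands in for Good-hash (an assumption), Bad-hash is the repeating 0..3 pattern, and a chi-square statistic over the 256 byte values is computed before and after combining. It measures output distribution only, not collision or pre-image resistance.

```python
import hashlib
from collections import Counter

N = 1_000_000  # "million byte values", as in the post


def good_stream(n: int) -> bytes:
    """Stand-in for Good-hash: SHA-512 in counter mode (assumption)."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha512(counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def bad_stream(n: int) -> bytes:
    """Bad-hash from the post: byte values limited to 0..3 (0,1,2,3,0,1,...)."""
    return bytes(i & 3 for i in range(n))


def add_mod256(a: bytes, b: bytes) -> bytes:
    """Byte-by-byte modulus addition of two equally long streams."""
    return bytes((x + y) & 0xFF for x, y in zip(a, b))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-by-byte XOR of two equally long streams."""
    return bytes(x ^ y for x, y in zip(a, b))


def chi_square(data: bytes) -> float:
    """Pearson chi-square against a uniform distribution over 256 byte values."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))


def run() -> dict:
    good, bad = good_stream(N), bad_stream(N)
    return {
        "good": chi_square(good),
        "bad": chi_square(bad),
        "add": chi_square(add_mod256(good, bad)),
        "xor": chi_square(xor_bytes(good, bad)),
    }


if __name__ == "__main__":
    for name, stat in run().items():
        # 255 degrees of freedom: a uniform stream scores near 255
        print(f"{name:>4}: chi-square = {stat:,.1f}")
```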