Re: Added hashes.

Juuso Hukkanen wrote:
>What I ask is
>if ONE of the two original hashes is truly perfectly random, so that
>it can not be improved in anyway, does it then hide the faults in the
>another hash _PERFECTLY_ if those are combined using modulus addition
>or XORing.

Unfortunately not. At least in theory, the combination could be far
worse than either of the constituents. In practice, we would be very
surprised to see this happen if the two hashes are unrelated, but there
are no guarantees. I can't prove it won't happen.

Suppose H(x) = F(x) xor G(x), for two hashes F and G.

Example #1: F(x) = G(X) = SHA256(x). Then H(x) = 0 for all x, so
finding collisions is easy.

Example #2: F(x) = SHA256(x), G(x) = SHA256(x) xor first256bits(x).
Then H(x) = first256bits(x) for all x, so finding collisions is easy
and the first 256 bits of x are leaked (poor preimage resistance).
Received on Fri Dec 23 20:10:03 2005