Re: Added hashes.
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


sci.crypt archive

Re: Added hashes.

From: Paul Rubin <//phr.cx@NOSPAM.invalid>
Date: Wed Dec 14 2005 - 00:08:26 CET



Juuso Hukkanen <juuso_12_2003@tele3d.net> writes:


> You are right that is exactly the case. (Are you sure you are not an


> Asian guru.) I suspect that one day one of the hashes Whirpool or


> SHA512 will eventully fall, because the history of hashes says so. Ok,


> none of those is perfect, but let's assume one of those would fall


> sooner than the other. 



You're expressing a belief that at least one of Whirlpool and SHA512


is not perfect.  That's fine, there's no proof that either one is


perfect, so it's fine to assume the opposite.  But next you want to


assume they are "independent", whatever that means, without proof.  If


you're trying to operate by theoretical proofs of security, then


unless you have proofs otherwise, you should not only assume that the


hashes are not perfect, you should also assume they are not independent.


So, any theorems about combining independent hashes can't be applied


to SHA512 and Whirlpool.


Received on Fri Dec 23 20:10:08 2005