Bill Frantz (frantz@netcom.com)
Mon, 13 Jul 1998 21:33:52 -0800
At 10:02 PM -0800 7/12/98, bram wrote:
>On Sun, 12 Jul 1998, Lewis McCarthy wrote:
>
>> Bill Frantz wrote:
>> >>> When we generate a random number, we compute enough MD5(entire pool || 8
>> >>> byte sequence counter) to fill the requested size. The 8 byte
>> >>> sequence counter is incremented for each new calculation.
>>
>> Bram writes:
>> > Unfortunately that can result in hashing a large number of similar
>> > bitstrings, making those available is an attack most hash functions aren't
>> > really meant to withstand.
>>
>> Pardon? I assume we are discussing cryptographic hash functions whose
>> designs are public. An attacker can certainly choose a large set of inputs,
>> hash them all, and examine the resulting hash values. In what sense is this
>> "an attack most hash functions aren't really meant to withstand"?
>
>Hash functions are designed to make it difficult, given a hash, to find
>something which hashes to that value. They are not designed to make it
>difficult to, given a whole slew of hashes of things which only vary by a
>few bytes, find the bytes in common. Xoring with a sequence counter only
>changes the last few bytes. I don't know of any actual results breaking
>hashes in this way, but it could expose problems which proper use of the
>hashes wouldn't.
Ah! Now I know where the confusion is coming from. I use the || operator
to mean concatenation, as in PL/I. You appear to be interpreting it as an
exclusive or operator, ^ in C/C++/Java. I am sorry to have been confusing.
(The nice thing about standards is that there are so many to choose from.)
-------------------------------------------------------------------------
Bill Frantz | If hate must be my prison | Periwinkle -- Consulting
(408)356-8506 | lock, then love must be | 16345 Englewood Ave.
frantz@netcom.com | the key. - Phil Ochs | Los Gatos, CA 95032, USA
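Added illustration (not code from the thread or from any of its participants): the output-generation step Bill describes, MD5 over the pool with an incrementing 8-byte sequence counter, written both ways the thread's notation was read. `hash_input_concat` is the `||`-as-concatenation reading; `hash_input_xor` is the reading Bram had in mind, with the counter XORed into the pool's last 8 bytes. `differing_positions` reports which input bytes change between consecutive counter values, so the reader can see for themselves what the two constructions actually feed the hash. The pool contents and the big-endian counter encoding are assumptions made for the example.

```python
import hashlib
import struct

# Constructed stand-in for the entropy pool; a real pool is secret and larger.
SAMPLE_POOL = bytes(range(64))


def hash_input_concat(pool, counter):
    # '||' read as concatenation: the pool is left intact and the
    # 8-byte counter (assumed big-endian here) is appended to it.
    return pool + struct.pack(">Q", counter)


def hash_input_xor(pool, counter):
    # '||' misread as XOR: the 8-byte counter is XORed into the pool's
    # last 8 bytes, so the hashed input is the same length as the pool.
    ctr = struct.pack(">Q", counter)
    head, tail = pool[:-8], pool[-8:]
    return head + bytes(a ^ b for a, b in zip(tail, ctr))


def generate(pool, nbytes, counter=0, make_input=hash_input_concat):
    # Produce nbytes of output: MD5(make_input(pool, counter)) block by
    # block, incrementing the counter for each new calculation.
    # Returns (output, next_counter) so the caller can keep the counter moving.
    out = bytearray()
    while len(out) < nbytes:
        out += hashlib.md5(make_input(pool, counter)).digest()
        counter += 1
    return bytes(out[:nbytes]), counter


def differing_positions(a, b):
    # Byte offsets at which two equal-length hash inputs differ.
    if len(a) != len(b):
        raise ValueError("inputs must have the same length")
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


if __name__ == "__main__":
    out, nxt = generate(SAMPLE_POOL, 40)
    print("40 output bytes from 3 MD5 blocks, next counter =", nxt)
    for name, mk in (("concat", hash_input_concat), ("xor", hash_input_xor)):
        pos = differing_positions(mk(SAMPLE_POOL, 0), mk(SAMPLE_POOL, 1))
        print(f"{name}: input length {len(mk(SAMPLE_POOL, 0))}, "
              f"bytes changed between counter 0 and 1: {pos}")
```

Note that each MD5 block yields 16 bytes, so a request is always rounded up to whole blocks and truncated; the returned counter tells you how many calculations were consumed.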