[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] Re: MD5 is broken
From: |
Andrew Suffield |
Subject: |
Re: [Gnu-arch-users] Re: MD5 is broken |
Date: |
Wed, 16 Mar 2005 18:38:30 +0000 |
User-agent: |
Mutt/1.5.6+20040907i |
On Wed, Mar 16, 2005 at 10:30:08AM -0800, Tom Lord wrote:
>
> The "combination" of two hash functions is itself a single hash function.
>
> So, arguments of the form "two are better than one", if mathematically
> based, aim for the conclusion that nothing short of an infinite amount
> of hashing code in core arch will be enough.
The specific advantage of two (way back when we actually designed this
years ago) is this:
Any given hashing function will inevitably be broken. When it is
broken, there will be a period of vulnerability between the time when
somebody breaks it and the time when it is no longer accepted by the
code. This is guaranteed to occur.
With two hashes, the two periods for them must *overlap* for there to
be a vulnerable period. This is unlikely to occur.
Adding more than two hashes merely reduces the probability, with
diminishing returns. Having two reduces it from 'certain' to 'probably
not'.
(This is, of course, in the specific case of an intelligent user who
reacts reasonably quickly to security advisories. Security for morons,
isn't)
--
.''`. ** Debian GNU/Linux ** | Andrew Suffield
: :' : http://www.debian.org/ |
`. `' |
`- -><- |
signature.asc
Description: Digital signature
- Re: [Gnu-arch-users] Re: MD5 is broken, (continued)
- Re: [Gnu-arch-users] Re: MD5 is broken, Matthew Dempsky, 2005/03/22
- Re: [Gnu-arch-users] Re: MD5 is broken, Adrian Irving-Beer, 2005/03/22
- [Gnu-arch-users] Re: MD5 is broken, Matthieu Moy, 2005/03/22
- Re: [Gnu-arch-users] Re: MD5 is broken, Adrian Irving-Beer, 2005/03/22
- Re: [Gnu-arch-users] Re: MD5 is broken, Nikolai Weibull, 2005/03/22
- [Gnu-arch-users] Re: MD5 is broken, Ivan Boldyrev, 2005/03/23
- [Gnu-arch-users] Re: MD5 is broken, Ivan Boldyrev, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Aaron Bentley, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Tom Lord, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken,
Andrew Suffield <=
- Re: [Gnu-arch-users] Re: MD5 is broken, Tom Lord, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Tom Lord, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Adrian Irving-Beer, 2005/03/21
- Re: [Gnu-arch-users] Re: MD5 is broken, Bruce Stephens, 2005/03/21
- Re: [Gnu-arch-users] Re: MD5 is broken, Aaron Bentley, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16