Quoting Paul Hoffman <[EMAIL PROTECTED]>:
At 11:31 PM +0200 8/14/07, Christian Rechberger wrote:
The mentioned article is indeed confusing, the information in there
took apparently several hops.
Welcome to the world of public cryptography! :-) At least I haven't
seen anyone so far suggest that you will find pre-images.
Stay tuned, you never know ;-)
Something similar happened last year with our example for "meaningful
collisions" for SHA-1 to reduced to 80% of its steps. We gave two
meaningful but different ASCII texts followed by some random chunk as
an example of our new technique back then. Suddenly someone invented
HTML as an example of another application that ended up on a newsticker.
To address your questions: Indeed, we have our own "path", but more
importantly we developed a new method to speed-up generation and
testing of candidate message pairs and apply it to SHA-1. The
resulting work factor is still quite high, hence we ask for
contributions via the BOINC framework.
Is there any estimation of how high? Specifically, do you believe
there is a good chance of having less work effort than the current
Wang strategy?
Seriously, if we wouldn't be convinced that the new method is more
efficient than anything else we know of and hence interesting enough
to explore further, we wouldn't have started such a project. So yes,
this is much faster than Wang's published method, and based on all we
know also faster than what is estimated for Wang's latest unpublished
methods.
Exact comparison is a complicated and delicate issue, and I have to
put you of to our upcoming paper on that issue. Your contribution of
CPU cycles is of course very welcome.
More information on cryptanalytic details, type of collision, and
resulting work factor will appear later this year.
That's good to hear. It would also be interesting if you could keep
a running meter of approximately how much work you are getting from
the participants. This isn't nearly as "sexy" as finding ETs or even
protein folding...
We first plan to provide support for more platforms to increase the
size of our potential user base, but next, some meaningful statistics
are indeed on our todo-list.
-Christian
(only sporadic access to mail this week)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]