Eric Murray wrote: > > On Fri, Dec 25, 1998 at 11:37:03AM -0500, Andrew Maslar wrote: > > Hello all. > > > > I'm new to the list; hope I can be helpful some day. > > But first a question: > > > > I'm toying around with various protocols for key exchange, and I wonder, > > if an attacker intercepted the result of the following operation: > > > > md5(x) + md5(x + y + z) > > > > (the +'s mean concatenation) > > > > and the attacker already knew: > > > > 1. the nature of the operation > > 2. x > > 3. z > > > > Could s/he compute y? > > You really want to ask "how hard would be for an attacker > to compute y?". It's always possible, it's just a question > of being practical (or more properly, cost-effective for > the attacker). Surely in the case of MD5 (or any other hash) the question is "how hard would it be for an attacker to compute a value that gives the same result as y?". Of course, y is one candidate, but generally there are an infinity of them, right? Cheers, Ben. -- Ben Laurie |Phone: +44 (181) 735 0686| Apache Group member Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org/ and Technical Director|Email: [EMAIL PROTECTED] | A.L. Digital Ltd, |Apache-SSL author http://www.apache-ssl.org/ London, England. |"Apache: TDG" http://www.ora.com/catalog/apache/
