Apologies in advance for the vagueness of the question...

Talking to a friend the other day, he was telling me about a potential
loophole with SHA-1 hashes protected by an RSA signature. Basically, he
seemed to think that with an SHA hash of a suitable length (say, 2^20), the
hash could be cubed and still not 'fail', since it was below the key
modulus. If you change the hash length, this problem doesn't occur.

I'm unconvinced for a number of reasons - this sounds very strange to me.
Not least because, even if cubing the hash does work (why cubing?), since
it's infeasible to create a binary which produces a given hash it still
doesn't help. 

Could someone help shed some light on this? Either pointing me at a paper
documenting the hole, or confirming that it's gibberish (at which point I'll
go back to work and ask him for more details :).



The ability to quote is a serviceable substitute for wit.
 -- W. Somerset Maugham

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to