At 16:09 26/08/2004, Trei, Peter wrote:

>[snip]
>Looking over the recent work on hash collisions, one
>thing that struck me was that they all seem to be
>attacks on known plaintext - the 'plaintexts' which
>collided were very close to each other, varying in
>only a few bits.
>
>While any weakness is a concern, and I'm not
>going to use any of the compromised algorithms
>in new systems, this type of break seems to be
>of limited utility.
>
>It allows you (if you're fortunate) to modify a signed
>message and have the signature still check out.
>However, if you don't know the original plaintext
>it does not seem to allow you to construct a second
>message with the same hash.

[snip]
From a lawyer's perspective, it seems worrying that a message into which
the word "not" has been inserted might still have the same hash as the
original (assuming the hash to be a component of an electronic signature).

Regards

Nicholas Bohm
Salkyns, Great Canfield, Takeley,
Bishop's Stortford CM22 6SX, UK

Phone 01279 871272 (+44 1279 871272)
Fax 020 7788 2198 (+44 20 7788 2198)
Mobile 07715 419728 (+44 7715 419728)
PGP RSA 1024 bit public key ID: 0x08340015.
Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF.
Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
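The two messages above are circling the difference between a collision attack (the attacker prepares both documents before either is signed) and a second-preimage attack (one document is already fixed and signed). The following Python is an added illustration of that difference, not code from either poster; it uses a constructed toy hash (SHA-256 truncated to 16 bits so both searches finish in under a second), an HMAC as a constructed stand-in for a signature over the digest, and two constructed contract texts that differ only by the word "not" plus a drafter-controlled reference field.

```python
import hashlib
import hmac
from typing import Dict, Optional, Tuple

# Toy hash: SHA-256 truncated to HASH_BITS bits (constructed for speed).
# Expected work scales as 2^(n/2) for a collision and 2^n for a second preimage.
HASH_BITS = 16


def toy_hash(msg: bytes) -> int:
    """Deliberately weak hash: the top HASH_BITS bits of SHA-256(msg)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") >> (256 - HASH_BITS)


# Constructed stand-in for the signer's private key. An HMAC over the digest
# plays the role of a signature: the signer only ever signs hash(message).
SIGNING_KEY = b"constructed-stand-in-for-a-private-key"


def sign(msg: bytes) -> bytes:
    digest = toy_hash(msg).to_bytes(HASH_BITS // 8, "big")
    return hmac.new(SIGNING_KEY, digest, hashlib.sha256).digest()


def verify(msg: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(msg), sig)


# Two constructed contract texts; "Ref:" is filler the drafter controls.
def pay_version(nonce: int) -> bytes:
    return b"The buyer will pay the agreed sum. Ref: %08x" % nonce


def not_pay_version(nonce: int) -> bytes:
    return b"The buyer will not pay the agreed sum. Ref: %08x" % nonce


def find_chosen_pair(limit: int = 1 << 20) -> Optional[Tuple[bytes, bytes, int]]:
    """Collision search where the drafter controls BOTH texts: a two-set
    birthday search for a 'pay' text and a 'not pay' text with equal toy_hash.
    Returns (pay_text, not_pay_text, documents_hashed) or None."""
    seen_pay: Dict[int, bytes] = {}
    seen_not: Dict[int, bytes] = {}
    hashed = 0
    for nonce in range(limit):
        a, b = pay_version(nonce), not_pay_version(nonce)
        ha, hb = toy_hash(a), toy_hash(b)
        hashed += 2
        if ha == hb:
            return a, b, hashed
        if ha in seen_not:
            return a, seen_not[ha], hashed
        if hb in seen_pay:
            return seen_pay[hb], b, hashed
        seen_pay.setdefault(ha, a)
        seen_not.setdefault(hb, b)
    return None


def find_second_preimage(target: bytes, limit: int = 1 << 20) -> Optional[Tuple[bytes, int]]:
    """Second-preimage search: the target is already fixed (and signed), so
    the only option is brute force over 'not pay' texts until the digest matches.
    Returns (forged_text, attempts) or None."""
    want = toy_hash(target)
    for nonce in range(limit):
        candidate = not_pay_version(nonce)
        if candidate != target and toy_hash(candidate) == want:
            return candidate, nonce + 1
    return None


def demo() -> dict:
    """Compare the cost of the two attacks against the toy hash and show that
    the signature over one text of a colliding pair verifies for the other."""
    pair = find_chosen_pair()
    pay_text, not_pay_text, pair_cost = pair
    sig = sign(pay_text)                       # the counterparty signs the innocuous text
    honest = pay_version(0)                    # a text the attacker did not get to choose
    second = find_second_preimage(honest)
    return {
        "collision_cost": pair_cost,
        "forgery_verifies": verify(not_pay_text, sig),
        "second_preimage_cost": None if second is None else second[1],
        "second_preimage_verifies": second is not None and verify(second[0], sign(honest)),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With 16 bits the collision search typically hashes a few hundred documents while the second-preimage search needs on the order of 65,000; at real digest sizes the second figure is infeasible, which is the gap Peter's message points at. The lawyer's concern still stands whenever the same party drafts the document, chooses the filler, and later presents the other half of the pair, which is why a signer should only sign a hash of a document whose every byte they have reviewed, computed with a hash that is still collision resistant.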
