On Wed, Aug 25, 2004 at 01:15:13AM -0400, Hubert Chan wrote:
>
> Ah, but then using that definition of "oneway", every hash is oneway,
> since there must always be some hash value corresponding to two
> different input strings (assuming the input space is larger than the
> output space, which is generally the case). Since every hash is oneway,
> this renders the term meaningless. So the only useful notion of oneway
> is that the hash is not easily invertible (i.e. you can't easily find
> some string that produces a given hash value).

Okay, I guess I finally got it. Thanks for the clarifications. Let me just rephrase it in my own words to make sure my updated understanding now matches the notion commonly held in cryptography circles. No need to respond unless you still find some flaws in it :)

So, if you can somehow come up with an input string (except by brute force search), which computes to some given hash, that means you inverted the function, and it's thus not oneway -- nothing more and nothing less. It has nothing to do with whether there exists some theoretic backward mapping from output to input that would uniquely retrieve the string originally used to compute the hash. The crucial point here simply was my rather different conception of invertibility.

So, now, the addition operation I mentioned is clearly _not_ oneway, in contrast to what I proclaimed originally ;) Makes sense now -- and makes much of what's been said so far appear in a different light. (And it hopefully explains some of the objections I had, that presumably must have seemed a little weird to anyone with a 'cryptographic' mindset...)

Thanks again everyone for taking the time.
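
An added example, not part of the original message: it contrasts a many-to-one additive "hash" whose preimages can be constructed directly with a truncated SHA-256, where the only generic way to hit a given value is brute-force search. The byte-sum function, the 16-bit width and all function names are assumptions chosen for illustration; the thread does not specify the addition operation in this form.

```python
import hashlib
from itertools import count

MOD = 2 ** 16  # assumed output space: 16 bits, so brute force finishes quickly


def additive_hash(data: bytes) -> int:
    """Sum of byte values mod 2**16: many-to-one, but not one-way."""
    return sum(data) % MOD


def additive_preimage(target: int) -> bytes:
    """Build an input hashing to `target` directly, with no search at all."""
    full, rest = divmod(target % MOD, 255)
    return b"\xff" * full + (bytes([rest]) if rest else b"")


def truncated_sha256(data: bytes, bits: int = 16) -> int:
    """Top `bits` bits of SHA-256, so both functions share an output space."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def brute_force_preimage(target: int, bits: int = 16):
    """Generic attack: try inputs until one matches (about 2**bits tries)."""
    for tries in count(1):
        candidate = str(tries).encode()
        if truncated_sha256(candidate, bits) == target:
            return candidate, tries


if __name__ == "__main__":
    original = b"some secret string"  # constructed sample input

    h = additive_hash(original)
    forged = additive_preimage(h)
    # A different string with the same hash, found instantly: not one-way,
    # even though the original string cannot be uniquely recovered.
    print("additive:", h, forged != original, additive_hash(forged) == h)

    t = truncated_sha256(original)
    found, tries = brute_force_preimage(t)
    # Here a preimage only turns up by exhaustive search; at the full
    # 256-bit width that search is infeasible.
    print("sha256/16:", t, found, "after", tries, "tries")
```
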

