[EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > On Wed, 10 Sep 2003 13:53:49 -0700 =?iso-8859-1?Q?J=E9r=F4me_ou_Sally_Bonnet?= > <[EMAIL PROTECTED]> wrote: > >Is it possible to design a program that creates a file that matches > >a specific CHK, so that it would be possible to prevent users from > >accessing a specific file by injecting the colliding file in the > >network before the target file becomes too popular? > > Yes, it is possible. But it is computationally very hard. For any given > CHK there are an infinite number of files that yield that CHK after insertion. > The problem is finding one of them.
We're using SHA-1 (160 bit) hashes for this, right? Let's assume so (the math is similar for other hashes). Let's assume that the distribution of hashes over the space of possible files is perfectly random. 2^160 is 1461501637330902918203684832716283019655932542976, which is how many different possible hashes there are. On the average, you'd have to create and hash half this many files (2^159) to find one that generates the target CHK. Let's assume you can do 1000 of these files every second. Oh hell, let's say you can do over a million (2^10) per second. That means you'd have to hash files for somewhere around 2^149 seconds to find one that matches. That's about 22613994246837820632943248145966286506 *years* worth of work, give or take a little. -- Greg Wooledge | "Truth belongs to everybody." [EMAIL PROTECTED] | - The Red Hot Chili Peppers http://wooledge.org/~greg/ |
pgp00000.pgp
Description: PGP signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
