Dear Blue Boar, I know meaning of 'hash function' term, I wrote few articles on challenge-response authentication and I did few hash functions implementations for hashtables and authentication in FreeRADIUS and 3proxy. Can I claim my right for sarcasm after calling ability to bruteforce 160-bit hash 2000 times faster 'a crack'?
--Wednesday, March 21, 2007, 8:53:27 PM, you wrote to [EMAIL PROTECTED]: BB> 3APA3A wrote: >> First, by reading 'crack' I thought lady can recover full message by >> it's signature. After careful reading she can bruteforce collisions 2000 >> times faster. BB> Cracking a hash would never mean recovering the full original message, BB> except for possibly messages that were smaller than the number of bits BB> in the hash value. There are an infinite number of messages that all BB> hash to the same value. BB> The best crack you can have for a hash is to be able collide with an BB> existing hash value and be able to choose most of the message contents. BB> BB -- ~/ZARAZA http://securityvulns.com/ Åñòü òàì âåðñèè Îòåëëî, ãäå Äåçäåìîíà äóøèò Ìàâðà. (Ëåì) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
