Dear Blue Boar, It's not clear if this 'crack' cam be applied to birthday attack. My in-mind computations were: because birthday attack requires ~square root of N computations where bruteforce requires ~N/2, impact of 2000 times N decrease for birthday is ~64 times faster. 64 = 2^6. Because complexity is ~square root of possible combinations, it's equivalent of traditional birthday attack, with 160-(2*6)=148 bits hash (150 is my mistake in in-mind computations).
Of cause, since I completely wasted 10 years after obtaining Master degree in Mathematics and 3 years after loosing last pencil I may be completely wrong in computations :) --Wednesday, March 21, 2007, 9:48:55 PM, you wrote to [EMAIL PROTECTED]: BB> 3APA3A wrote: >> I know meaning of 'hash function' term, I wrote few articles on >> challenge-response authentication and I did few hash functions >> implementations for hashtables and authentication in FreeRADIUS and >> 3proxy. Can I claim my right for sarcasm after calling ability to >> bruteforce 160-bit hash 2000 times faster 'a crack'? BB> Fair enough, your sarcasm tags didn't render properly in my MUA. I was BB> fooled by you stating that the birthday attack would be 150 bits. BB> BB -- ~/ZARAZA http://securityvulns.com/ Íåïðèÿòíîñòè íà÷íóòñÿ â âîñåìü. (Òâåí) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
