Oskar L. wrote: > calculators designed to show very large numbers can show the result. Now I > compare all the hashes from one picture to all the hashes from the other.
Doing a birthday attack is highly nontrivial. E.g., to do a birthday attack on SHA256 requires a minimum, a _minimum_, of over 10**17 joules to be liberated as heat. That's about as much as you'd get from an entire full-out strategic nuclear exchange between the US and Russia. You're talking global climate change at that point, along with potential mass extinction of humanity. It's not pretty. > Do hash firewalls have any drawbacks (performance decrease, difficult to > implement, patent issues etc.)? What's the reason DSA doesn't have one? Historical reasons. Nobody ever thought DSA would be used with anything other than SHA-1, so if there's only one approved hash function, there's no need for a hash firewall. DSS explicitly requires SHA-1 as a hash. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
