On Wed, 16 Nov 2005, Lionel Elie Mamane wrote:
So that shaves about 2^17 from our result which brings the total of
time down to 200 thusand years.
Err... No. The scenario you were giving was about *accidental*
collision, wasn't it? Accidental collision isn't touched by the fact
that one can do it on purpose to create a collision with less work. So
it is still 10 billion years.
Indeed a second pre-image (given an input and its hash value, trying to
find a second input with the same hash value) attack was not found.
However, in several papers it was shown that it is possible to create two
_arbitrary_ messages with the same hash value in several file formats:
postscript, PDF, Tiff, and word97. See
http://www.csrc.nist.gov/pki/HashWorkshop/2005/Oct31_Presentations/Illies_NIST_05.pdf
(a paper by three german people showing the latter three and citing the
persons who did the work on postscript - Lucks and Daum).
And that's if the attack is not improved mathematically in this time
frame.
It appears that this specific attack won't be improved too much. My guess
(after looking at the respetive crystal ball) is that computers becoming
faster would help you more than short cuts in the analysis.
By the way, there are new results in attacks on 2nd preimage collisions
(one against messages of _very_ long nature (Eurocrypt 05) and one which
does the same even with short messages
(http://www.csrc.nist.gov/pki/HashWorkshop/2005/Oct31_Presentations/Kelsey_HerdingHash.pdf,
by Kelsey and Kohno).
--
Orr Dunkelman,
[EMAIL PROTECTED]
"If it wasn't for C, we'd be writing programs in BASI, PASAL, and OBOL", anon
Spammers: http://vipe.technion.ac.il/~orrd/spam.html
GPG fingerprint: C2D5 C6D6 9A24 9A95 C5B3 2023 6CAB 4A7C B73F D0AA
(This key will never sign Emails, only other PGP keys.)
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]