-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 26/05/14 01:15, Tom Ritter wrote: > Third: Figure out how to approximate an attacker who can perform > 2^80 calculations in the 'weird' cases. For a 32-character hex > fingerprint, a 2^80 attacker can match 20 characters. > > Weird Case 1: An attacker matches the beginning and end parts of > the fingerprint to try and trick someone doing a visual compare. > Clearly, matching the beginning and ending 10 characters exactly is > harder than matching any 20. but how much harder? Would a match of > the beginning and ending 8 characters correctly characterize a 2^80 > attacker?
As I've mentioned before, I don't think we can make a fair comparison of 'weird' attacks across fingerprint representations. Having said that... a 2^80 attacker can match 20 characters at chosen positions. I don't know how to calculate how many characters a 2^80 attacker could match at unchosen positions, but it seems to me that it would depend on the number of positions, i.e. the length of the fingerprint. > Weird Case 2: An attacker tries the match the fingerprint by > pronunciation to try and trick someone doing a vocal compare. > Again, matching 20 characters exactly and making the remaining 12 > 'sound alike' is harder than just matching 20. Would an attacker > getting 28 characters to 'sound alike' and have the rest match > exactly approximate a 2^80 attack? We don't even have a metric for 'sound alike', so this question isn't well-founded. Cheers, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJTgw+IAAoJEBEET9GfxSfMF08H+wWrntqdVbKp34QbtcQoGe4W uCKggnCp1rJvWqcJ8V/FaOpOqvneXPL1ttl4TWn+hA1p+7tObz8R9gQDrtdqrdrH 9E4tOSLrCtGpGL9p8kAGfEHIzoXi4lTZO6dLiolI6VR7KgiKjHsBA61wWpYtfVyK i7vL/k7H+vi1HqnfwptRNet9gzC5bFZauSnMp+/Zc/pYd5ucQpbABBA+8vETaC7R IeX1fQChREgxVD2UURclr2EqLHBSVbSxtGeKtHuENkyI8VljwKYJe3mMmnkMhsLS hdnOjjKN8lYSCSh7maxWfIPSqfchC9FmOUDq+6qhhVOxaSC/QvIhTidsGRpq074= =UIW+ -----END PGP SIGNATURE----- _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
