My understanding that the kind of birthday attack under discussion would start at 80-bits if SHA-1 (at 160-bits) were 100% secure. The attack under discussion is reported to reduce that to the neighborhood of 60-something bits.
I am not a mathematician though, so I would be perfectly willing to believe I was wrong about that. BB 3APA3A wrote: > Dear Blue Boar, > > It's not clear if this 'crack' cam be applied to birthday attack. My > in-mind computations were: because birthday attack requires ~square root > of N computations where bruteforce requires ~N/2, impact of 2000 times N > decrease for birthday is ~64 times faster. 64 = 2^6. Because complexity > is ~square root of possible combinations, it's equivalent of traditional > birthday attack, with 160-(2*6)=148 bits hash (150 is my mistake in > in-mind computations). > > Of cause, since I completely wasted 10 years after obtaining Master > degree in Mathematics and 3 years after loosing last pencil I may be > completely wrong in computations :) > > --Wednesday, March 21, 2007, 9:48:55 PM, you wrote to [EMAIL PROTECTED]: > > BB> 3APA3A wrote: >>> I know meaning of 'hash function' term, I wrote few articles on >>> challenge-response authentication and I did few hash functions >>> implementations for hashtables and authentication in FreeRADIUS and >>> 3proxy. Can I claim my right for sarcasm after calling ability to >>> bruteforce 160-bit hash 2000 times faster 'a crack'? > > BB> Fair enough, your sarcasm tags didn't render properly in my MUA. I was > BB> fooled by you stating that the birthday attack would be 150 bits. > > BB> BB > > _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________