On Wed, Feb 1, 2012 at 1:01 PM, Francois Grieu wrote:
> On 01/02/2012 21:09, Jon Callas wrote:
>>
>> As I remember Hal's protocol, it requires about eight megabytes of data to
>> be transferred back and forth to prove that you know the SHA1 hash. It's not
>> so much to be obviously absurd, but not
On Wed, 1 Feb 2012, Nico Williams wrote:
On Wed, Feb 1, 2012 at 3:49 AM, Francois Grieu wrote:
The talk does not give much details, and I failed to locate any article
with a similar claim.
I would find that result truly remarkable, and it is against my intuition.
The video you posted does he
On 01/02/2012 21:09, Jon Callas wrote:
As I remember Hal's protocol, it requires about eight megabytes of data to be transferred back and forth to prove that
you know the SHA1 hash. It's not so much to be obviously absurd, but not efficient enough to be something you'd want
to do often.
Close
On Feb 1, 2012, at 1:49 AM, Francois Grieu wrote:
> The talk does not give much details, and I failed to locate any article
> with a similar claim.
> I would find that result truly remarkable, and it is against my intuition.
>
> Any info on the Hal Finney protocol, or a protocol giving a similar
On 01/02/2012 18:50, Nico Williams wrote:
On Wed, Feb 1, 2012 at 3:49 AM, Francois Grieu wrote:
The talk does not give much details, and I failed to locate any article
with a similar claim.
I would find that result truly remarkable, and it is against my intuition.
The video you posted does hel
Natanael wrote:
> We do have zero-knowledge proofs, but AFAIK they do not use SHA1.
I'm not after a proof that "uses" SHA-1; I'm after a proof of a
message with given SHA-1 result, which is something very different.
> http://en.wikipedia.org/wiki/Zero-knowledge_password_proof
> http://en.wikipe
On Wed, Feb 1, 2012 at 3:49 AM, Francois Grieu wrote:
> The talk does not give much details, and I failed to locate any article
> with a similar claim.
> I would find that result truly remarkable, and it is against my intuition.
The video you posted does help me with the intuition problem. The
i
We do have zero-knowledge proofs, but AFAIK they do not use SHA1.
http://en.wikipedia.org/wiki/Zero-knowledge_password_proof
http://en.wikipedia.org/wiki/Zero-knowledge_proof
http://en.wikipedia.org/wiki/Non-interactive_zero-knowledge_proof <--
Most likely what you want
--- If everybody is thinki
Just showed up on Full Disclosure.
http://seclists.org/fulldisclosure/2012/Feb/0.
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
[William Whyte (2012-02-01 12:32:05 UTC)]
> > Alice discloses a 160-bit value h and claims that she (or
> parties/devices she
> > has access to) knows a message m with h=SHA-1(m).
> >
> > Can she convince Bob of her claim using some protocol, without letting
> Bob
> > find m, and without a third
On 01/02/2012 13:32, William Whyte wrote :
> You can obviously prove it in the case where Alice claims she knows
> SHA-1(SHA-1(m)), which seems to be the same claim.
Alice discloses h and claims knowledge of m with h=SHA1(m).
That's not equivalent to claiming knowledge of SHA-1(SHA-1(m)),
which an
You can obviously prove it in the case where Alice claims she knows
SHA-1(SHA-1(m)), which seems to be the same claim.
William
> -Original Message-
> From: cryptography-boun...@randombit.net [mailto:cryptography-
> boun...@randombit.net] On Behalf Of Francois Grieu
> Sent: Wednesday, Febr
Alice discloses a 160-bit value h and claims that she (or
parties/devices she has access to) knows a message m with h=SHA-1(m).
Can she convince Bob of her claim using some protocol, without letting
Bob find m, and without a third party or device that Bob trusts?
At a Crypto'98 rump session, Hal
13 matches
Mail list logo