Any time estimates for SHA-1 or SHA-2 attacks?
- Alex
- Original Message -
From: [EMAIL PROTECTED]
To: cryptography@metzdowd.com
Subject: Tunnels in Hash Functions: MD5 Collisions in 40 seconds
Date: Sat, 18 Mar 2006 18:05:40 +0100 (CET)
Congratulations to Marc Stevens, who
| Anyone see a reason why the digits of Pi wouldn't form an excellent
| public large (infinite, actually) string of random bits?
|
| There's even an efficient digit-extraction (a/k/a random access to
| fractional bits) formula, conveniently base 16:
| http://mathworld.wolfram.com/BBPFormula.html
Unfortunately, they haven't. In Europe I get receipts with different
crossing-out patterns almost every week.
And, with they I mean the builders of point-of-sale terminals: I
don't think individual store owners are given a choice.
Though I believe I have noticed a good trend in that I
Gutterman, Pinkas, and Reinman have produced a nice as-built-specification and
analysis of the Linux random number generator.
From http://eprint.iacr.org/2006/086.pdf:
Following our analysis of the LRNG, we suggest the following recommendations
for the design of pseudo-random number
From: [EMAIL PROTECTED]
Sent: Mar 21, 2006 9:58 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED], cryptography@metzdowd.com
Subject: Re: pipad, was Re: bounded storage model - why is R organized as
2-d array?
...
| Anyone see a reason why the digits of Pi wouldn't form an excellent
| public
Hi,
Does anyone have a good idea on how to OWF passphrases without
reducing them to lower entropy counts? That is, I've seen systems
which hash the passphrase then use a PRF to expand the result --- I
don't want to do that. I want to have more than 160 bits of entropy
involved.
I was thinking