But this is precisely the kind of "observation" that some people seem to miss
out on the importance of. As Tomas suggested in his post, if this was true,
then we could have a huge compression ratio as well. And even if there was 10%
of the bit patterns that created non-unique hashes, you could use the fact that
a block hashed to a known bit pattern that didn't have collisions, to compress
the other 90% of your data.
I'm serious about this from a number of perspectives. We worry about the time
it would take to reverse SHA or RSA hashes to passwords, not even thinking that
what if someone has been quietly computing all possible hashes for the past
10-20 years into a database some where, with every 5-16 character password, and
now has an instantly searchable hash-to-password database.
Sometimes we ignore the scale of time, thinking that only the immediately
visible details are what we have to work with.
If no one has computed the hashes for every single 4K and 8K block, then fine.
But, if that was done, and we had that data, we'd know for sure which algorithm
was going to work the best for the number of bits we are considering.
Speculating based on the theory of the algorithms for "random" number of bits
is just silly. Where's the real data that tells us what we need to know?
On Jul 11, 2012, at 9:02 AM, Sašo Kiselkov wrote:
> On 07/11/2012 03:57 PM, Gregg Wonderly wrote:
>> Since there is a finite number of bit patterns per block, have you tried to
>> just calculate the SHA-256 or SHA-512 for every possible bit pattern to see
>> if there is ever a collision? If you found an algorithm that produced no
>> collisions for any possible block bit pattern, wouldn't that be the win?
> Don't think that, if you can think of this procedure, that the crypto
> security guys at universities haven't though about it as well? Of course
> they have. No, simply generating a sequence of random patterns and
> hoping to hit a match won't do the trick.
> P.S. I really don't mean to sound smug or anything, but I know one thing
> for sure: the crypto researchers who propose these algorithms are some
> of the brightest minds on this topic on the planet, so I would hardly
> think they didn't consider trivial problems.
zfs-discuss mailing list