A painting of me

Joux found a collision for SHA-0 ! ⇒

   17 August 2004, terribly early in the morning

This link was found via Slashdot.

This is a post from my link log: If you click the title of this post you will be taken the web page I am discussing.

Perma-Link  

Comments

  1. For those who are interested, this is what has happened. SHA-0 is a cryptographic hash function; a function that when given an input of arbitrary size will produce an output of some fixed size.

    A cryptographic hash function should satisfy 3 properties: given the value of a hash, it should be infeasible to find the input that produced the hash; given any input x, it should be infeasible to find another input x' such that the hashes of x and x' match; it should be infeasible to find two different inputs that have the same hash value.

    The last property is what has been broken. The researchers have found what people call a collision. They have done this without trying all possibilities.

    by ramanan on August 17 2004, 4:23 am   #

  2. Moreover, once you find a collision, finding a “significant collision” only takes twice as long (expected time) as if took you to find the original collision…I thought SHA-0 was not one of the premier hashing functions anyways though. (i.e. the hash values are too small or something like that)...Do you know if the problems with SHA-0 extend to the other SHA’s (e.g. SHA-256?)

    by Ryan on August 17 2004, 2:47 pm   #

  3. SHA-0 isn’t used at all I think. There was a weakness found in SHA that allowed for an attack in 261 steps, so it was replaced by SHA-1. This attack is a variation of the attack originally described. You can read more about SHA if you are so inclined.

    by ramanan on August 17 2004, 8:57 pm   #

  4. I see…it is 160-bits…I mistakenly thought it was 80-bits, which is way too short. But the 160-bits give you the brute-force-and-ignorance collision finding algorithm in about 280 steps (i.e. birthday paradox). So that is probably where I saw the 80 in a description and just didn’t read it well enough. And of course if had 80-bit hash values (instead of 160-bits) then that is obviously way too small. (~ 240 steps to find a collision).

    by Ryan on August 17 2004, 9:20 pm   #

Don't be shy, you can comment too!

 
Some things to keep in mind: You can style comments using Textile. In particular, *text* will get turned into text and _text_ will get turned into text. You can post a link using the command "linktext":link, so something like "google":http://www.google.com will get turned in to google. I may erase off-topic comments, or edit poorly formatted comments; I do this very rarely.