Re: [Gnu-arch-users] Re: MD5 is broken

gnu-arch-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: MD5 is broken

From:	Aaron Bentley
Subject:	Re: [Gnu-arch-users] Re: MD5 is broken
Date:	Wed, 16 Mar 2005 13:53:23 -0500
User-agent:	Mozilla Thunderbird 0.6 (X11/20040530)

Tom Lord wrote:

The "combination" of two hash functions is itself a single hash function.

So, arguments of the form "two are better than one", if mathematically
based, aim for the conclusion that nothing short of an infinite amount
of hashing code in core arch will be enough.

It's not mathmatically based. It's pragmatic. It means that when onehash is broken, you have a window of opportunity to replace the brokenhash with an unbroken one. You are not vulnerable until both hashes arebroken, so unless both hashes are broken before you replace one of them,you will never be vulnerable.


Aaron
--
Aaron Bentley
Director of Technology
Panometrics, Inc.

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnu-arch-users] Re: MD5 is broken, (continued)

Prev by Date: Re: [Gnu-arch-users] naming convention defaults
Next by Date: Re: [Gnu-arch-users] Re: MD5 is broken
Previous by thread: Re: [Gnu-arch-users] Re: MD5 is broken
Next by thread: Re: [Gnu-arch-users] Re: MD5 is broken
Index(es):
- Date
- Thread