Re: [Gnu-arch-users] Re: MD5 is broken

gnu-arch-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: MD5 is broken

From:	Bruce Stephens
Subject:	Re: [Gnu-arch-users] Re: MD5 is broken
Date:	Mon, 21 Mar 2005 23:31:55 +0000
User-agent:	Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux)

Adrian Irving-Beer <address@hidden> writes:

[...]

> Let's say I have a particular piece of data that MD5 hashes into a
> paricular hash value (we'll call it MD5-A), and SHA1 hashes into
> another value (SHA1-A).
>
> Let's say I then manage to 'break' MD5, by creating another piece of
> data that has the same MD5 hash (MD5-A).
>
> My question is, would that different piece of data also have an SHA1
> hash of SHA1-A?  Or would it have some other SHA1 code (SHA1-B)?

Almost certainly the latter.  (That is, as far as I'm aware there's no
particular connection between the two.  They're both apparently from a
similar family of algorithms, which is causing people to propose
significant new research efforts into hashing algorithms, but finding
collisions in one doesn't help in finding collisions in the other, as
far as I'm aware.)

Better, as Tom suggests, to try and separate out the issues.  Graydon
wrote something related a while ago,
<http://www.venge.net/monotone/docs/Hash-Integrity.html>, arguing that
one should consider separately mechanisms for detecting accidental
modifications and mechanisms for determining trust.

[...]

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnu-arch-users] Re: MD5 is broken, (continued)

Prev by Date: [Gnu-arch-users] Regression in 1.3.1 (PANIC: conflict applying patch in arch_build_revision)
Next by Date: Re: [Gnu-arch-users] Re: MD5 is broken
Previous by thread: Re: [Gnu-arch-users] Re: MD5 is broken
Next by thread: Re: [Gnu-arch-users] Re: MD5 is broken
Index(es):
- Date
- Thread