[ILUG] SSH dictionary attacks.
Colm MacCarthaigh
colm at stdlib.net
Tue Aug 29 18:13:22 IST 2006
On Tue, Aug 29, 2006 at 05:57:34PM +0100, Proinnsias Breathnach wrote:
> Are there even theoretical collisions that result in both the same MD5
> *and* SNA1 hash for the message(s) in question ?
100% yes. It's a cast iron guarantee. For non-theoretical, at the
current pace of development; probably within years rather than decades.
> If not - surely just a twin-hash approach would solve a multitude of
> immediate problems - with todays' tools ?
I used to think that, but it's very niave. A twin hash is basically just
a single longer hash. Combining two different hashes which are radically
different in their approaches to the problem will drastically reduce the
chances of collision, but probably not by more than doubling the hash
size would have in the first place anyway. Don't forget that when you
use two hashes, you are doubling the hash length. That's a negative
thing, the aim is to keep them small. Otherwise corruption in the hash
itself is just a big problem as it was in the original.
--
Colm MacCárthaigh Public Key: colm+pgp at stdlib.net
More information about the ILUG
mailing list