[Top] [All Lists]

Re: [openpgp] Fingerprints and their collisions resistance

2013-01-04 16:21:33
Hi Andrey,

On Fri, Jan 04, 2013 at 11:56:36AM -0800, Andrey Jivsov wrote:
On 01/04/2013 02:53 AM, Christian Aistleitner wrote:
Do you have any data / research underpinning this 51 (Besides

After all, the cited Wikipedia page links to the retracted variant of
an article :-(

Otherwise, the best /theoretical/ result that I know of is just
above 60.

It looks like this is from the paper "Classification and Generation of 
Disturbance Vectors for Collision Attacks against SHA-1"
published in 2011 in Designs, Codes and Cryptography

I guess you are aware of the fact that in recent variants of the
article, the 51 is gone and that there is a reason why I wrote
“retracted variant” in my original mail :-)

Should we rather say that the _practical_ value is about 60 [...]

Practical has more than just one meaning, just as theoretical :-)
As the post you reference only says

  If Stevens' attack of $2^{60}$ SHA-1 operations serves as the
  baseline [...]

and does not say that “Stevens' attack” is practical (or “practical”
in what sense), I am convinced you have read in Stevens' research to
underpin your claim. For example you might have come across Stevens'
2012 PhD thesis and have read passages as

  [...] and this chosen-prefix collision attack against SHA-1 remains a
  theoretical attack.

in section 7.7.3 (but that's somewhat out of context), or more
general statements as

  [...] even though no practical collision attacks against SHA-1 or
  actual colliding messages are known yet.

from section 8.4.

But be things as they may, if you know better than Stevens himself and
can make his results even more practical, please step up and share
your work.

All the best,

---- quelltextlich e.U. ---- \\ ---- Christian Aistleitner ----
                           Companies' registry: 360296y in Linz
Christian Aistleitner
Gruendbergstrasze 65a        Email:  christian(_at_)quelltextlich(_dot_)at
4040 Linz, Austria           Phone:          +43 732 / 26 95 63
                             Fax:            +43 732 / 26 95 63

Attachment: signature.asc
Description: Digital signature

openpgp mailing list