1. Vernon apparently got offended because I pointed out that he
didn't realize that MD5 checksum on IPv4 was easily breakable via
dictionary attack or that his use of it went his often public stated
condescending policy of "do not implement half-solutions".
And the applicable "Kook" rule from Mr. Schryver's bible that started this
thread is:
http://www1.ietf.org/mail-archive/ietf/Current/msg22092.html
"you are deeply offended when people do not agree that you have found the
UFPSTTSP"
Which Mr. Schryver conveniently removed from his web site version (wonder why?):
http://www.rhyolite.com/anti-spam/you-might-be.html
Perhaps Mr. Moore should recall my claim to archive mail.
He wrote this:
Perhaps Mr. Schryver should recall my claim to archive mail.
The point I made in #1 above is that Mr. Schryver had apparently never
considered the question until I asked it. And then when I pointed out to him
he got very offended, which violates one of his own rules for being a "Kook":
I wrote:
Yes that is why I wondered why you bothered to hash the IP at all.
I think this is case where you voilated your own principle of not
implementing "half solutions". There is no security or privacy benefit
to hashing the IPs (because a brute force dictionary attack can be
built in 100 hours) and there would be benefits to not hashing them
such as my algorithm. Now I have to carry around a 16 GB dictionary
(lookup table).
He responded:
I doubt you have figured out how we thought the IP address might be used.
I responded:
What you thought is irrelevant to facts at hand. The fact is the IPs can be
reasonably extracted thus logically it is reasonably useless to hash them.
} So if you had 1% of that space, or 40 million IPs in your databases
} over time, then would take approx. 20 million minutes = 333,000
} hours = 15,000 days < 50 years to convert all MD5 back to IPv4s.
I never did figure out what Mr. Moore meant by 15,000 days. He
could not have been thinking of doing on average 2 billion MD5 hashes
Can you read? I wrote "1% of the space".
for each of 4 billion IPv4 addresses, because that would have been
silly and would have take more than 15,000 days.
Ok, I'll stop feeding the troll now.
I will stop feeding the troll by posting in this thread now. I predict he or
his buddies won't stop posting in this thread.
Shelby Moore
http://AntiViotic.com