IBM to Provide Security w/o Sacrificing Privacy Using Hash
hawke at hawkesnest.net
Wed May 25 18:20:36 CEST 2005
gpg.20.subu at spamgourmet.com wrote:
> I thought that two *non* identical names - as in case below will *not*
> create the same hash
> If it will, what is the probability ?
The probability of this happening is extremely low.
For a 128-bit hash, such as md5, the probability is 1 in 2^128 (1 in
For a 160-bit hash, such as sha-1 which PGP uses, the probability is 1
in 2^160, 1 in
"If the hash algorithm is properly designed and distributes the hashes
uniformly over the output space, 'finding a hash collision' by random
guessing is exceedingly unlikely (it's more likely that a million people
will correctly guess all the California Lottery numbers every day for a
billion trillion years). Other hashes have even more bits: the SHA-1
algorithm generates 160 bits, whose output space is four billions times
larger than that produced by MD5's 128 bits."
(from "An Illustrated Guide to Cryptographic Hashes")
Of course, this only applies to a random method, but that is pretty much
all peoples' names are going to give you.
Birthday Attack (http://en.wikipedia.org/wiki/Birthday_attack)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 374 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20050525/aab7492c/signature.pgp
More information about the Gnupg-users