collision vs. preimage attacks: policy for signing data created by others
Hubert Kario
hka at qbs.com.pl
Thu Oct 4 22:09:27 CEST 2012
On Thursday 04 of October 2012 10:51:57 spam man wrote:
> So the question is...
>
> 1.) I have two different messages that have the same hash value (a
> collision).
> hash("foo") = abcdefg
> hash("bar") = abcdefg
>
> 2.) Now you want to append identical new data to the messages and see if
> the new hashes would still be collisions?
> hash("foo and here are some more words") = tuvwxyz
> hash("bar and here are some more words") = tuvwxyz
>
> Is this your question?
won't the answer to that depend on the hash in question?
The hash output depends on internal state of the hash function.
If the output depends on all bits of internal state then yes, appending new
data should give the same output.
If the output depends only on some bits of internal state (we have 512 bits
of internal state and the output is only 256bit) then appending new data may
or may not give the same output. If the collision was found randomly I'd say
the latter has more chance of happening.
Or am I missing something?
Regards,
--
Hubert Kario
QBS - Quality Business Software
02-656 Warszawa, ul. Ksawerów 30/85
tel. +48 (22) 646-61-51, 646-74-24
www.qbs.com.pl
More information about the Gnupg-users
mailing list