Re: [Monotone-devel] Re: RFC: Fake IDs


From: Jack Lloyd
Subject: Re: [Monotone-devel] Re: RFC: Fake IDs
Date: Tue, 18 Jul 2006 21:55:35 -0400
User-agent: Mutt/1.5.11

On Tue, Jul 18, 2006 at 06:39:49PM -0700, Zack Weinberg wrote:

> Perhaps I only say this because I am not a cryptographer at all, but
> it seems to me that the collision probability results might depend on
> the assumption that both sides of the potential collision are in fact
> SHA of some text.  In which case, maybe a bitstream generated by
> pounding on the keyboard is more likely to collide.

Nor am I, but I believe the collision probabilities are the same, _if_
you assume that SHA-1 and your PRNG are both good (i.e., behave like a
random function). However, that adds a second assumption (good PRNG)
that did not exist before.

SHA-1(a) == SHA-1(b) -> SHA-1 collision found -> weakness in SHA

a == SHA-1(b) -> Maybe a problem in the RNG, maybe a problem in SHA... maybe
                 just a strange interaction between the two that you didn't
                 expect.

-Jack
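
The two cases in the message above, simulated as an added example that is not part of the original post. It assumes IDs truncated to 16 bits so that collisions are observable, Python's Mersenne Twister as a stand-in for a good PRNG, and a constructed 8-bit generator as the bad one; all function names and input strings are hypothetical.

```python
import hashlib
import random
from collections import Counter

BITS = 16   # IDs truncated to 16 bits so collisions are observable (real IDs: 160)
N = 4000    # IDs per set; expected matching cross pairs = N*N / 2**BITS, about 244

def sha1_id(text):
    """Top BITS bits of SHA-1(text), as an integer."""
    digest = hashlib.sha1(text.encode()).digest()
    return int.from_bytes(digest, "big") >> (160 - BITS)

def hashed_ids(prefix, n=N):
    """IDs that really are SHA-1 of some (constructed) text."""
    return [sha1_id("%s-%d" % (prefix, i)) for i in range(n)]

def good_fake_ids(seed, n=N):
    """Fake IDs from a statistically sound PRNG (assumed stand-in: Mersenne Twister)."""
    rng = random.Random(seed)
    return [rng.getrandbits(BITS) for _ in range(n)]

def weak_fake_ids(seed, n=N):
    """Fake IDs from a constructed bad PRNG with only 8 bits of state."""
    state, out = seed & 0xFF, []
    for _ in range(n):
        state = (5 * state + 1) & 0xFF      # 8-bit LCG: at most 256 states
        out.append((state << 8) | state)    # stretched to 16 bits, still <= 256 values
    return out

def cross_collisions(a_ids, b_ids):
    """Number of (a, b) pairs, one from each set, with equal IDs."""
    counts = Counter(a_ids)
    return sum(counts[b] for b in b_ids)

def self_collisions(ids):
    """Number of IDs that duplicate an earlier ID in the same set."""
    return len(ids) - len(set(ids))

if __name__ == "__main__":
    real = hashed_ids("file")
    print("SHA-1 vs SHA-1 :", cross_collisions(real, hashed_ids("other")))
    print("PRNG  vs SHA-1 :", cross_collisions(real, good_fake_ids(1)))
    print("good PRNG dupes:", self_collisions(good_fake_ids(1)))
    print("weak PRNG dupes:", self_collisions(weak_fake_ids(1)))
```

With both assumptions holding, the first two counts land near the same expected value; with the 8-bit generator, nearly every fake ID duplicates an earlier one.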



