[98162] in cryptography@c2.net mail archive
Re: Re: Fwd: Potential SHA 1 Hack Using Distributed Computing -
daemon@ATHENA.MIT.EDU (Paul Hoffman)
Wed Aug 15 10:40:50 2007
In-Reply-To: <20070814233133.li4w6h8lc4gwgsck@webmail.tugraz.at>
Date: Tue, 14 Aug 2007 15:47:06 -0700
To: Christian Rechberger <christian.rechberger@TUGraz.at>
From: Paul Hoffman <paul.hoffman@vpnc.org>
Cc: Cryptography <cryptography@metzdowd.com>

At 11:31 PM +0200 8/14/07, Christian Rechberger wrote:
>The mentioned article is indeed confusing, the information in there
>took apparently several hops.

Welcome to the world of public cryptography! :-) At least I haven't
seen anyone so far suggest that you will find pre-images.

>To address your questions: Indeed, we have our own "path", but more
>importantly we developed a new method to speed up generation and
>testing of candidate message pairs and apply it to SHA-1. The
>resulting work factor is still quite high, hence we ask for
>contributions via the BOINC framework.

Is there any estimation of how high? Specifically, do you believe
there is a good chance of having less work effort than the current
Wang strategy? For example, if you are sure that your result will be
around 2^70, well that is interesting in theory but probably not
worth any publicity you have gotten so far. If you are sure it will
be around 2^55, I'll certainly give you some of my spare CPU cycles.

>More information on cryptanalytic details, type of collision, and
>resulting work factor will appear later this year.

That's good to hear. It would also be interesting if you could keep a
running meter of approximately how much work you are getting from the
participants. This isn't nearly as "sexy" as finding ETs or even
protein folding...

--Paul Hoffman, Director
--VPN Consortium
---------------------------------------------------------------------
The Cryptography Mailing List