On Thu, Jun 12, 2008 at 3:00 PM, comex <[EMAIL PROTECTED]> wrote:
> You know... to fake a vote in this manner (have your collision be not
> meaningless junk but a desired value), you would need a pretty amazing
> supercomputer. I don't think most Agorans have those to play with.

I don't know the details, but I know it's currently possible to find random MD5 collisions in minutes on an ordinary notebook. I don't think it would be too much more difficult to find random MD5 collisions with particular prefixes. It may be more secure to require the seed to come before the vote rather than after, but I don't know that for certain.

> Compromise on SHA-1?

I would be fine with SHA-1, though I would prefer one of the SHA-2 hashes if available.

-root