On Saturday, 18 January 2014 at 15:17:52 UTC, Chris Cain wrote:
You're correct. It was an example of a collision attack which means they can put up a single hash and it will match many possible documents that include all the names of the candidates.
Consequence of a 2-document collision is big enough, that a 12-document collision doesn't pose any notably bigger threat. Nostradamus is all they could come up with, which is laughable. If they upgrade this to an actual partial 3.6-bit preimage attack, and one collision takes 2 days as they say, for a comparison, with such partial preimage attack, full preimage attack on a 32-bit hash like crc32 will take 2^^(32-3.6)*2 days = 1959870 years in an ideal case.
If you had _read_ the source, you may have understood that. In fact, if you have read anything on cryptography at all before, you'd be staying away from MD5, but ignorance is bliss I suppose.
Isn't it you, who insist on ignorance to how a collision attack works and how it doesn't work? You insist on a magical approach to cryptography, that MD5 magic doesn't work and SHA3 magic works, but you should know that magic is a delusion, and delusion leads to failures and damage, so by spreading delusions, it's you who cause damage, not me.
