certificates. The public key data is public, and it's a random
bitpattern where nobody would ever notice a few different bits.
If someone finds a collision for Microsoft's Windows Update cert (or a
number of other possibilities), and the fan is well and truly buried
in it.
Correct me if I'm wrong
-
From: Matt Crawford [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 30, 2004 11:47 AM
To: Ian Grigg
Cc: Daniel Carosone; crypto
Subject: Re: How thorough are the hash breaks, anyway?
certificates. The public key data is public, and it's a random
bitpattern where nobody would ever
Dan Carosone wrote:
There is one application of hashes, however, that fits these
limitations very closely and has me particularly worried:
certificates. The public key data is public, and it's a random
bitpattern where nobody would ever notice a few different bits.
If someone finds a
You would have to either:
- search for candidate collisions amongst public keys you know the
private key for (bit more expensive)
- factorize the public key after you found a collision
the 2nd one isn't as hard as it sounds because the public key would be
essentially random and have
At 16:09 26/08/2004, Trei, Peter wrote:
[snip]
Looking over the recent work on hash collisions, one
thing that struck me was that they all seem to be
attacks on known plaintext - the 'plaintexts' which
collided were very close to each other, varying in
only a few bits.
While any weakness is a
On Thu, 26 Aug 2004, Trei, Peter wrote:
While any weakness is a concern, and I'm not
going to use any of the compromised algorithms
in new systems, this type of break seems to be
of limited utility.
It allows you (if you're fortunate) to modify a signed
message and have the signature