Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 08 Apr 2006 20:31:53 -0500
From: Dennis Olvany <>
Subject: Re: hash collisions

Solar Designer wrote:
> For most hash types, the number of inputs is also finite - even in
> theory.  And it is finite for all of them in practice.

Do you refer to password hashing specifically? Algorithms such as MD5 
and SHA1 digest the entire input, correct? So, while I suppose that the 
input may be finite I would venture to guess that it is only limited by 
a maximum file size, which is certainly far beyond 56 bits.

> [crypt] input is truncated to 56 bits

Crypt truncates to eight characters, right? I am thinking that 8 
characters at 8 bits per character is 64 bits. The most significant bit 
in each character is removed because it is always zero? Perhaps it 
causes a cryptographic weakness for every eighth bit to be a zero?

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ