Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 26 Jun 2012 17:05:12 +0200
From: magnum <>
Subject: Re: raw-sha1_li

On 2012-06-26 12:12, Andries E. Brouwer wrote:
>> In this format, we 'could' remove the raw-sha1_LI, and simply change
>> raw-sha1 to behave like this.
> There are two entirely different hashes:
> 1. raw-sha1
> 2. raw-sha1 followed by zeroing the first 20 bits
> They should have different names since they differ.
> For example, the linkedin dump contains the hashes
> a96807e7bd710592ee36264a72d6aa35c2d165f9
> 000007e7bd710592ee36264a72d6aa35c2d165f9
> Now sunshine09 has sha1sum
> 3b1787e7bd710592ee36264a72d6aa35c2d165f9
> so that it qualifies for the second hash, but not for the first one.
> This means that raw-sha1 and raw-sha1_LI must be kept separate.
> It also means that it is a bad idea to call them both $dynamic_26$.

Wow, a 140-bit collision? OK, verified sunshine09, and I also have the 
others in the LI dataset. This fact should be all over the Internet but 
I can't find it mentioned. I find that odd. Has anyone cracked 

There could be other explanations than a partial collision. But 
regardless of that, I think you are basically right we should separate 
them. It's just that as long as one knows what he's doing, it's more 
effective running them together.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.