Date: Tue, 26 Jun 2012 17:05:12 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: raw-sha1_li

On 2012-06-26 12:12, Andries E. Brouwer wrote:
>> In this format, we 'could' remove the raw-sha1_LI, and simply change
>> raw-sha1 to behave like this.
>
> There are two entirely different hashes:
> 1. raw-sha1
> 2. raw-sha1 followed by zeroing the first 20 bits
>
> They should have different names since they differ.
> For example, the linkedin dump contains the hashes
>
> a96807e7bd710592ee36264a72d6aa35c2d165f9
> 000007e7bd710592ee36264a72d6aa35c2d165f9
>
> Now sunshine09 has sha1sum
>
> 3b1787e7bd710592ee36264a72d6aa35c2d165f9
>
> so that it qualifies for the second hash, but not for the first one.
> This means that raw-sha1 and raw-sha1_LI must be kept separate.
> It also means that it is a bad idea to call them both $dynamic_26$.

Wow, a 140-bit collision? OK, verified sunshine09, and I also have the 
others in the LI dataset. This fact should be all over the Internet but 
I can't find it mentioned. I find that odd. Has anyone cracked 
a96807e7bd710592ee36264a72d6aa35c2d165f9?

There could be other explanations than a partial collision. But 
regardless of that, I think you are basically right we should separate 
them. It's just that as long as one knows what he's doing, it's more 
effective running them together.

magnum
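
Added example (not part of the original message and not John the Ripper code): a Python sketch of the two comparisons discussed in this thread, run over the digests quoted above. The function names and the rule that a leading `00000` marks a possibly masked entry are assumptions made for illustration.

```python
import hashlib

MASK_HEX = 5  # 20 zeroed bits = 5 hex digits

# Constructed input: the two dump entries quoted in the message above.
DUMP = [
    "a96807e7bd710592ee36264a72d6aa35c2d165f9",
    "000007e7bd710592ee36264a72d6aa35c2d165f9",
]


def build_index(entries):
    """Return (full, masked_tails) lookup sets for a list of hex digests."""
    full, masked_tails = set(), set()
    for entry in entries:
        entry = entry.strip().lower()
        if len(entry) != 40:
            raise ValueError(f"not a SHA-1 hex digest: {entry!r}")
        int(entry, 16)  # raises ValueError on non-hex characters
        # Every entry is a candidate for the plain comparison; an entry with
        # 20 leading zero bits is also a candidate for the masked one
        # (assumption: the zero prefix is the only marker available).
        full.add(entry)
        if entry.startswith("0" * MASK_HEX):
            masked_tails.add(entry[MASK_HEX:])
    return full, masked_tails


def match_digest(digest_hex, full, masked_tails):
    """Name the comparison(s) under which one computed digest hits."""
    digest_hex = digest_hex.lower()
    hits = set()
    if digest_hex in full:
        hits.add("raw-sha1")
    if digest_hex[MASK_HEX:] in masked_tails:
        hits.add("raw-sha1_LI")
    return hits


def check_candidate(password, full, masked_tails):
    """Hash once, then test both comparisons against the same digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest()
    return digest, match_digest(digest, full, masked_tails)


if __name__ == "__main__":
    full, tails = build_index(DUMP)
    # Digest the message gives for sunshine09, checked against both sets.
    print(match_digest("3b1787e7bd710592ee36264a72d6aa35c2d165f9", full, tails))
    print(check_candidate("sunshine09", full, tails))
```

One SHA-1 computation feeds both lookups, but the two lookups can return different answers for the same digest, so each hit has to be reported under its own format name.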
