MD5 and SHA cracked/broken...

Kirk Job-Sluder kirk at eyegor.jobsluder.net
Sun Sep 12 23:59:13 EDT 2004


On 2004-09-13, Paul Rubin wrote:
> Kirk Job-Sluder <kirk at eyegor.jobsluder.net> writes:
>> SHA-1, SHA-256, SHA-384, and SHA-512 are all in the same family so a
>> fundamental break in SHA-1 should make the other three more vulnerable
>> as well.  
>
> SHA-256 is in the "same family" as SHA-1 only in the same sense that
> SHA-1 is in the same family as SHA-0.  You really can't conclude
> anything like what you're saying.

I'm not certain about that.  Ok, I was a bit too hasty in using the word
"should" there.  My research into this strongly suggests that the
addition of additional rotations to SHA-1 makes it enough different from
SHA-0 that it is difficult to generalize from SHA-0 to 1.  However,
SHA-256 and SHA-512 (SHA-384 is a truncated version of 512) are pretty
strongly derived from SHA-1.  In fact, the standard says: 

"The four algorithms differ most significantly in the number of bits of
security that are provided for the data being hashed - this is directly
related to the message digest length."

So, granted I could be completely wrong here, but it looks like it
should be easier to generalize from SHA-1 to SHA-256 and SHA-512, as
well as their truncated versions. 

If I am wrong, an explanation of the differences between the three
beyond the obvious fact that the larger versions shuffle more data
around would be helpful. 


-- 
Kirk Job-Sluder
"The square-jawed homunculi of Tommy Hilfinger ads make every day an
existential holocaust."  --Scary Go Round


